Notations


We use the standard (Bourbaki) notations: $\mathbb{N} = \{0,1,2,\ldots\}$; $\mathbb{Z}$ = ring of integers;
$\mathbb{R}$ = field of real numbers; $\mathbb{C}$ = field of complex numbers;
$\mathbb{F}_p = \mathbb{Z}/p\mathbb{Z}$ = field with $p$ elements, $p$ a prime number.

For integers $m$ and $n$, $m \mid n$ means that $m$ divides $n$, i.e., $n \in m\mathbb{Z}$. Throughout the notes,
$p$ is a prime number, i.e., $p = 2, 3, 5, \ldots$.

Given an equivalence relation, $[*]$ denotes the equivalence class containing $*$. The empty
set is denoted by $\emptyset$. The cardinality of a set $S$ is denoted by $|S|$ (so $|S|$ is the number of
elements in $S$ when $S$ is finite). Let $I$ and $A$ be sets; a family of elements of $A$ indexed by
$I$, denoted $(a_i)_{i \in I}$, is a function $i \mapsto a_i \colon I \to A$.

$X \subset Y$                       X is a subset of Y (not necessarily proper);
$X \overset{\text{def}}{=} Y$       X is defined to be Y, or equals Y by definition;
$X \approx Y$                       X is isomorphic to Y;
$X \simeq Y$                        X and Y are canonically isomorphic (or there is a given or unique isomorphism);
$\hookrightarrow$                   denotes an injective map;
$\twoheadrightarrow$                denotes a surjective map;
monnnnn                             question nnnnn in mathoverflow.net


It is standard to use Gothic (fraktur) letters for ideals: 


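$\mathfrak{a}\ \mathfrak{b}\ \mathfrak{c}\ \mathfrak{m}\ \mathfrak{n}\ \mathfrak{p}\ \mathfrak{q}\ \mathfrak{A}\ \mathfrak{B}\ \mathfrak{C}\ \mathfrak{M}\ \mathfrak{N}\ \mathfrak{P}\ \mathfrak{Q}$

a b c m n p q A B C M N P Q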


Prerequisites 

The algebra usually covered in a first-year graduate course, for example, Galois theory, group 
theory, and multilinear algebra. An undergraduate number theory course will also be helpful. 
Dramatis Personæ


Fermat (1601-1665). Stated his last “theorem”, and proved it for $m = 4$. He also posed
the problem of finding integer solutions to the equation,

$$X^2 - AY^2 = 1, \quad A \in \mathbb{Z}, \qquad (1)$$

which is essentially the problem¹ of finding the units in $\mathbb{Z}[\sqrt{A}]$. The English mathematicians
found an algorithm for solving the problem, but neglected to prove that the algorithm always
works.

Euler (1707-1783). He introduced analysis into the study of the prime numbers, and he 
discovered an early version of the quadratic reciprocity law. 

Lagrange (1736-1813). He found the complete form of the quadratic reciprocity law:

$$\left(\frac{p}{q}\right)\left(\frac{q}{p}\right) = (-1)^{(p-1)(q-1)/4}, \quad p, q \text{ odd primes},$$

and he proved that the algorithm for solving (1) always leads to a solution.

Legendre (1752-1833). He introduced the “Legendre symbol” and gave an incomplete
proof of the quadratic reciprocity law. He proved the following local-global principle
for quadratic forms in three variables over $\mathbb{Q}$: a quadratic form $Q(X, Y, Z)$ has a nontrivial
zero in $\mathbb{Q}$ if and only if it has one in $\mathbb{R}$ and the congruence $Q \equiv 0 \bmod p^n$ has a nontrivial
solution for all $p$ and $n$.

Gauss (1777-1855). He found the first complete proofs of the quadratic reciprocity law. 
He studied the Gaussian integers Z[i] in order to find a quartic reciprocity law. He studied 
the classification of binary quadratic forms over Z, which is closely related to the problem 
of finding the class numbers of quadratic fields. 

Dirichlet (1805-1859). He introduced L-series, and used them to prove an analytic formula
for the class number and a density theorem for the primes in an arithmetic progression.
He proved the following “unit theorem”: let $\alpha$ be a root of a monic irreducible polynomial
$f(X)$ with integer coefficients; suppose that $f(X)$ has $r$ real roots and $2s$ complex roots;
then $\mathbb{Z}[\alpha]^\times$ is a finitely generated group of rank $r + s - 1$.

Kummer (1810-1893). He made a deep study of the arithmetic of cyclotomic fields, 
motivated by a search for higher reciprocity laws, and showed that unique factorization could 
be recovered by the introduction of “ideal numbers”. He proved that Fermat’s last theorem 
holds for regular primes. 

Hermite (1822-1901). He made important contributions to quadratic forms, and he showed 
that the roots of a polynomial of degree 5 can be expressed in terms of elliptic functions. 

Eisenstein (1823-1852). He published the first complete proofs for the cubic and quartic 
reciprocity laws. 

Kronecker (1823-1891). He developed an alternative to Dedekind’s ideals. He also had 
one of the most beautiful ideas in mathematics for generating abelian extensions of number 
fields (the Kronecker liebster Jugendtraum). 

Riemann (1826-1866). Studied the Riemann zeta function, and made the Riemann hypothesis.

1 The Indian mathematician Bhaskara (12th century) knew general rules for finding solutions to the equation. 



Dedekind (1831-1916). He laid the modern foundations of algebraic number theory by 
finding the correct definition of the ring of integers in a number field, by proving that ideals 
factor uniquely into products of prime ideals in such rings, and by showing that, modulo 
principal ideals, they fall into finitely many classes. Defined the zeta function of a number 
field. 

Weber (1842-1913). Made important progress in class field theory and the Kronecker 
Jugendtraum. 

Hensel (1861-1941). He gave the first definition of the field of $p$-adic numbers (as the set
of infinite sums $\sum_{n=-k}^{\infty} a_n p^n$, $a_n \in \{0, 1, \ldots, p-1\}$).

Hilbert (1862-1943). He wrote a very influential book on algebraic number theory in 
1897, which gave the first systematic account of the theory. Some of his famous problems 
were on number theory, and have also been influential. 

Takagi (1875-1960). He proved the fundamental theorems of abelian class field theory, as 
conjectured by Weber and Hilbert. 

Noether (1882-1935). Together with Artin, she laid the foundations of modern algebra 
in which axioms and conceptual arguments are emphasized, and she contributed to the 
classification of central simple algebras over number fields. 

Hecke (1887-1947). Introduced Hecke L-series generalizing both Dirichlet’s L-series and 
Dedekind’s zeta functions. 

Artin (1898-1962). He found the “Artin reciprocity law”, which is the main theorem of 
class field theory (improvement of Takagi’s results). Introduced the Artin L-series. 

Hasse (1898-1979). He gave the first proof of local class field theory, proved the Hasse 
(local-global) principle for all quadratic forms over number fields, and contributed to the 
classification of central simple algebras over number fields. 

Brauer (1901-1977). Defined the Brauer group, and contributed to the classification of 
central simple algebras over number fields. 

Weil (1906-1998). Defined the Weil group, which enabled him to give a common generalization
of Artin L-series and Hecke L-series.

Chevalley (1909-84). The main statements of class field theory are purely algebraic, 
but all the earlier proofs used analysis; Chevalley gave a purely algebraic proof. With his 
introduction of ideles he was able to give a natural formulation of class field theory for 
infinite abelian extensions. 

Iwasawa (1917-1998). He introduced an important new approach into algebraic number 
theory which was suggested by the theory of curves over finite fields. 

Tate (1925- ). He proved new results in group cohomology, which allowed him to give 
an elegant reformulation of class field theory. With Lubin he found an explicit way of 
generating abelian extensions of local fields. 

Langlands (1936-). The Langlands program is a vast series of conjectures that, among 
other things, contains a nonabelian class field theory. 
Introduction


It is greatly to be lamented that this virtue of the
[rational integers], to be decomposable into prime
factors, always the same ones for a given number,
does not also belong to the [integers of cyclotomic
fields].

Kummer 1844 (as translated by André Weil)

The fundamental theorem of arithmetic says that every nonzero integer $m$ can be
written in the form,

$$m = \pm p_1 \cdots p_n, \quad p_i \text{ a prime number},$$

and that this factorization is essentially unique.

Consider more generally an integral domain $A$. An element $a \in A$ is said to be a unit if
it has an inverse in $A$ (element $b$ such that $ab = 1 = ba$). I write $A^\times$ for the multiplicative
group of units in $A$. An element $\pi$ of $A$ is said to be prime if it is neither zero nor a unit, and if

$$\pi \mid ab \implies \pi \mid a \text{ or } \pi \mid b.$$

If $A$ is a principal ideal domain, then every nonzero element $a$ of $A$ can be written in the
form,

$$a = u\pi_1 \cdots \pi_n, \quad u \text{ a unit}, \ \pi_i \text{ a prime element},$$

and this factorization is unique up to order and replacing each $\pi_i$ with an associate, i.e., with
its product with a unit.

Our first task will be to discover to what extent unique factorization holds, or fails to 
hold, in number fields. Three problems present themselves. First, factorization in a field 
only makes sense with respect to a subring, and so we must define the “ring of integers”
$\mathcal{O}_K$ in our number field $K$. Secondly, since unique factorization will fail in general, we
shall need to find a way of measuring by how much it fails. Finally, since factorization is
only considered up to units, in order to fully understand the arithmetic of $K$, we need to
understand the structure of the group of units $U_K$ in $\mathcal{O}_K$.

The ring of integers 

Let $K$ be an algebraic number field. Each element $\alpha$ of $K$ satisfies an equation

$$\alpha^n + a_1\alpha^{n-1} + \cdots + a_n = 0$$

with coefficients $a_1, \ldots, a_n$ in $\mathbb{Q}$, and $\alpha$ is an algebraic integer if it satisfies such an equation
with coefficients $a_1, \ldots, a_n$ in $\mathbb{Z}$. We shall see that the algebraic integers form a subring $\mathcal{O}_K$
of $K$.


The criterion as stated is difficult to apply. We shall show (2.11) that $\alpha$ is an algebraic
integer if and only if its minimum polynomial over $\mathbb{Q}$ has coefficients in $\mathbb{Z}$.

Consider for example the field $K = \mathbb{Q}[\sqrt{d}]$ where $d$ is a square-free integer. The
minimum polynomial of $\alpha = a + b\sqrt{d}$, $b \neq 0$, $a, b \in \mathbb{Q}$, is

$$(X - (a + b\sqrt{d}))(X - (a - b\sqrt{d})) = X^2 - 2aX + (a^2 - b^2 d),$$

and so $\alpha$ is an algebraic integer if and only if

$$2a \in \mathbb{Z}, \quad a^2 - b^2 d \in \mathbb{Z}.$$

From this it follows easily that, when $d \equiv 2, 3 \bmod 4$, $\alpha$ is an algebraic integer if and only if
$a$ and $b$ are integers, i.e.,

$$\mathcal{O}_K = \mathbb{Z}[\sqrt{d}] = \{a + b\sqrt{d} \mid a, b \in \mathbb{Z}\},$$

and, if $d \equiv 1 \bmod 4$, $\alpha$ is an algebraic integer if and only if $a$ and $b$ are either both integers
or both half-integers, i.e.,

$$\mathcal{O}_K = \mathbb{Z}\left[\tfrac{1+\sqrt{d}}{2}\right] = \left\{a + b\,\tfrac{1+\sqrt{d}}{2} \,\middle|\, a, b \in \mathbb{Z}\right\}.$$

For example,

$$\mathcal{O}_{\mathbb{Q}[\sqrt{5}]} = \mathbb{Z}[(1 + \sqrt{5})/2].$$

Note that $(1 + \sqrt{5})/2$ satisfies $X^2 - X - 1 = 0$ and so it is an algebraic integer in $\mathbb{Q}[\sqrt{5}]$.
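The criterion $2a \in \mathbb{Z}$, $a^2 - b^2 d \in \mathbb{Z}$ is easy to test by machine. The following is a minimal sketch in Python using exact rational arithmetic; the function name `is_algebraic_integer` is an illustrative choice and not notation from these notes, and $d$ is assumed to be a square-free integer different from 1.

```python
from fractions import Fraction

def is_algebraic_integer(a, b, d):
    """Test whether a + b*sqrt(d) is an algebraic integer (d square-free, d != 1)."""
    a, b = Fraction(a), Fraction(b)
    if b == 0:
        # A rational number is an algebraic integer only if it lies in Z.
        return a.denominator == 1
    trace = 2 * a                  # minus the X-coefficient of the minimum polynomial
    norm = a * a - b * b * d       # constant term of the minimum polynomial
    return trace.denominator == 1 and norm.denominator == 1

half = Fraction(1, 2)
print(is_algebraic_integer(half, half, 5))   # (1 + sqrt 5)/2, with d = 1 mod 4: True
print(is_algebraic_integer(half, half, 3))   # (1 + sqrt 3)/2, with d = 3 mod 4: False
```

For $d = 3$ the norm of $(1+\sqrt{3})/2$ is $-1/2$, which is why the half-integers are excluded when $d \equiv 2, 3 \bmod 4$.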

Let $\zeta_d$ be a primitive $d$th root of 1, for example, $\zeta_d = \exp(2\pi i/d)$, and let $K = \mathbb{Q}[\zeta_d]$.
Then we shall see (6.2) that

$$\mathcal{O}_K = \mathbb{Z}[\zeta_d] = \left\{\sum m_i \zeta_d^i \,\middle|\, m_i \in \mathbb{Z}\right\},$$

as one would hope.

Factorization 

A nonzero element $\pi$ of an integral domain $A$ is said to be irreducible if it is not a unit, and
can’t be written as a product of two nonunits. For example, a prime element is (obviously)
irreducible. A ring $A$ is a unique factorization domain if every nonzero element of $A$ can be
expressed as a product of irreducible elements in essentially one way. Is the ring of integers
$\mathcal{O}_K$ a unique factorization domain? No, not in general!

We shall see that each element of $\mathcal{O}_K$ can be written as a product of irreducible elements
(this is true for all Noetherian rings), and so it is the uniqueness that fails.

For example, in $\mathbb{Z}[\sqrt{-5}]$ we have

$$6 = 2 \cdot 3 = (1 + \sqrt{-5})(1 - \sqrt{-5}).$$

To see that $2$, $3$, $1 + \sqrt{-5}$, $1 - \sqrt{-5}$ are irreducible, and no two are associates, we use the
norm map

$$\mathrm{Nm} \colon \mathbb{Q}[\sqrt{-5}] \to \mathbb{Q}, \quad a + b\sqrt{-5} \mapsto a^2 + 5b^2.$$

This is multiplicative, and it is easy to see that, for $\alpha \in \mathcal{O}_K$,

$$\mathrm{Nm}(\alpha) = 1 \iff \alpha\bar{\alpha} = 1 \iff \alpha \text{ is a unit}. \qquad (*)$$

If $1 + \sqrt{-5} = \alpha\beta$, then $\mathrm{Nm}(\alpha\beta) = \mathrm{Nm}(1 + \sqrt{-5}) = 6$. Thus $\mathrm{Nm}(\alpha) = 1, 2, 3$, or $6$. In the
first case, $\alpha$ is a unit, the second and third cases don't occur, and in the fourth case $\beta$ is a
unit. A similar argument shows that $2$, $3$, and $1 - \sqrt{-5}$ are irreducible. Next note that (*)
implies that associates have the same norm, and so it remains to show that $1 + \sqrt{-5}$ and
$1 - \sqrt{-5}$ are not associates, but

$$1 + \sqrt{-5} = (a + b\sqrt{-5})(1 - \sqrt{-5})$$

has no solution with $a, b \in \mathbb{Z}$.
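The norm argument can be checked by a finite search, since $a^2 + 5b^2 = n$ forces $|a|, |b| \le \sqrt{n}$. The sketch below is only an illustration; the helper names `norm` and `elements_of_norm` are assumptions introduced here.

```python
def norm(a, b):
    """Norm of a + b*sqrt(-5)."""
    return a * a + 5 * b * b

def elements_of_norm(n):
    """All integer pairs (a, b) with a^2 + 5*b^2 == n, found by bounded search."""
    bound = int(n ** 0.5) + 1
    return [(a, b)
            for a in range(-bound, bound + 1)
            for b in range(-bound, bound + 1)
            if norm(a, b) == n]

print(elements_of_norm(1))   # the units: [(-1, 0), (1, 0)]
print(elements_of_norm(2))   # []
print(elements_of_norm(3))   # []
print(elements_of_norm(6))   # [(-1, -1), (-1, 1), (1, -1), (1, 1)]
```

Since the only units are $\pm 1$, the associates of $1 + \sqrt{-5}$ are the pairs $(1, 1)$ and $(-1, -1)$, and so $1 - \sqrt{-5}$, the pair $(1, -1)$, is not among them.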

Why does unique factorization fail in $\mathcal{O}_K$? The problem is that irreducible elements in
$\mathcal{O}_K$ need not be prime. In the above example, $1 + \sqrt{-5}$ divides $2 \cdot 3$ but it divides neither $2$
nor $3$. In fact, in an integral domain in which factorizations exist (e.g. a Noetherian ring),
factorization is unique if all irreducible elements are prime.

What can we recover? Consider 


$$210 = 6 \cdot 35 = 10 \cdot 21.$$

If we were naive, we might say this shows factorization is not unique in $\mathbb{Z}$; instead, we
recognize that there is a unique factorization underlying these two decompositions, namely,

$$210 = (2 \cdot 3)(5 \cdot 7) = (2 \cdot 5)(3 \cdot 7).$$

The idea of Kummer and Dedekind was to enlarge the set of “prime numbers” so that, for
example, in $\mathbb{Z}[\sqrt{-5}]$ there is a unique factorization,

$$6 = (\mathfrak{p}_1^2)(\mathfrak{p}_2 \cdot \mathfrak{p}_3) = (\mathfrak{p}_1 \cdot \mathfrak{p}_2)(\mathfrak{p}_1 \cdot \mathfrak{p}_3),$$

underlying the above factorization; here the $\mathfrak{p}_i$ are “ideal prime factors”.

How do we define “ideal factors”? Clearly, an ideal factor should be characterized by the 
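algebraic integers it divides. Moreover divisibility by $\mathfrak{a}$ should have the following properties:

$$\mathfrak{a} \mid 0; \quad \mathfrak{a} \mid a,\ \mathfrak{a} \mid b \implies \mathfrak{a} \mid a \pm b; \quad \mathfrak{a} \mid a \implies \mathfrak{a} \mid ab \text{ for all } b \in \mathcal{O}_K.$$

If in addition division by $\mathfrak{a}$ has the property that

$$\mathfrak{a} \mid ab \implies \mathfrak{a} \mid a \text{ or } \mathfrak{a} \mid b,$$

then we call $\mathfrak{a}$ a “prime ideal factor”. Since all we know about an ideal factor is the set of
elements it divides, we may as well identify it with this set. Thus an ideal factor $\mathfrak{a}$ is a set of
elements of $\mathcal{O}_K$ such that

$$0 \in \mathfrak{a}; \quad a, b \in \mathfrak{a} \implies a \pm b \in \mathfrak{a}; \quad a \in \mathfrak{a} \implies ab \in \mathfrak{a} \text{ for all } b \in \mathcal{O}_K;$$

it is prime if in addition,

$$ab \in \mathfrak{a} \implies a \in \mathfrak{a} \text{ or } b \in \mathfrak{a}.$$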

Many of you will recognize that an ideal factor is what we now call an ideal, and a prime 
ideal factor is a prime ideal. 


There is an obvious notion of the product of two ideals: 

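$$\mathfrak{a}\mathfrak{b} \mid c \iff c = \sum a_i b_i, \quad \mathfrak{a} \mid a_i, \ \mathfrak{b} \mid b_i.$$

In other words,

$$\mathfrak{a}\mathfrak{b} = \left\{\sum a_i b_i \,\middle|\, a_i \in \mathfrak{a},\ b_i \in \mathfrak{b}\right\}.$$

One sees easily that this is again an ideal, and that if

$$\mathfrak{a} = (a_1, \ldots, a_m) \text{ and } \mathfrak{b} = (b_1, \ldots, b_n)$$

then

$$\mathfrak{a} \cdot \mathfrak{b} = (a_1 b_1, \ldots, a_i b_j, \ldots, a_m b_n).$$

With these definitions, one recovers unique factorization: if $a \neq 0$, then there is an
essentially unique factorization:

$$(a) = \mathfrak{p}_1 \cdots \mathfrak{p}_n \text{ with each } \mathfrak{p}_i \text{ a prime ideal}.$$

In the above example,

$$(6) = (2, 1 + \sqrt{-5})^2 (3, 1 + \sqrt{-5})(3, 1 - \sqrt{-5}).$$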


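In fact, I claim

$$(2, 1 + \sqrt{-5})^2 = (2)$$
$$(3, 1 + \sqrt{-5})(3, 1 - \sqrt{-5}) = (3)$$
$$(2, 1 + \sqrt{-5})(3, 1 + \sqrt{-5}) = (1 + \sqrt{-5})$$
$$(2, 1 + \sqrt{-5})(3, 1 - \sqrt{-5}) = (1 - \sqrt{-5}).$$

For example, $(2, 1 + \sqrt{-5})(2, 1 + \sqrt{-5}) = (4, 2 + 2\sqrt{-5}, 6)$; here the third generator
$(1 + \sqrt{-5})^2 = -4 + 2\sqrt{-5}$ has been replaced by $6 = (2 + 2\sqrt{-5}) - (-4 + 2\sqrt{-5})$, which
does not change the ideal. Since every generator is divisible by 2, we see that

$$(2, 1 + \sqrt{-5})(2, 1 + \sqrt{-5}) \subset (2).$$

Conversely,

$$2 = 6 - 4 \in (4, 2 + 2\sqrt{-5}, 6)$$

and so $(2, 1 + \sqrt{-5})^2 = (2)$, as claimed. I further claim that the three ideals $(2, 1 + \sqrt{-5})$,
$(3, 1 + \sqrt{-5})$, and $(3, 1 - \sqrt{-5})$ are all prime. For example, the obvious map
$\mathbb{Z} \to \mathbb{Z}[\sqrt{-5}]/(3, 1 - \sqrt{-5})$ is surjective with kernel $(3)$, and so

$$\mathbb{Z}[\sqrt{-5}]/(3, 1 - \sqrt{-5}) \simeq \mathbb{Z}/(3),$$

which is an integral domain.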
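These claims can be sanity-checked numerically. An ideal $(g_1, \ldots, g_k)$ of $\mathbb{Z}[\sqrt{-5}]$ is spanned over $\mathbb{Z}$ by the $g_i$ and the $g_i\sqrt{-5}$, and the index of such a lattice in $\mathbb{Z}^2$ is the gcd of its $2 \times 2$ minors. The sketch below compares indices only (equal indices together with one inclusion give equality of ideals, and the inclusion is not checked here); all function names are assumptions made for the illustration.

```python
from itertools import combinations
from math import gcd

# An element a + b*sqrt(-5) of Z[sqrt(-5)] is stored as the integer pair (a, b).
def mul(x, y):
    a, b = x
    c, d = y
    return (a * c - 5 * b * d, a * d + b * c)

def z_span(gens):
    """Vectors spanning the ideal (gens) as a Z-module: each g and g*sqrt(-5)."""
    return [v for g in gens for v in (g, mul(g, (0, 1)))]

def index(gens):
    """Index of the ideal (gens) in Z[sqrt(-5)], as the gcd of all 2x2 minors."""
    idx = 0
    for (a, b), (c, d) in combinations(z_span(gens), 2):
        idx = gcd(idx, a * d - b * c)
    return idx

def ideal_product(I, J):
    """Generators of the product ideal: all pairwise products of generators."""
    return [mul(x, y) for x in I for y in J]

p = [(2, 0), (1, 1)]        # (2, 1 + sqrt(-5))
q = [(3, 0), (1, 1)]        # (3, 1 + sqrt(-5))
q_bar = [(3, 0), (1, -1)]   # (3, 1 - sqrt(-5))

print(index(p), index(q), index(q_bar))                  # 2 3 3
print(index(ideal_product(p, p)), index([(2, 0)]))       # 4 4
print(index(ideal_product(q, q_bar)), index([(3, 0)]))   # 9 9
print(index(ideal_product(p, q)), index([(1, 1)]))       # 6 6
```

An ideal of prime index has a quotient ring with a prime number of elements, which is a field, so the first line of output is consistent with the three ideals being prime.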

How far is this from what we want, namely, unique factorization of elements? In other
words, how many “ideal” elements have we had to add to our “real” elements to get unique
factorization? In a certain sense, only a finite number: we shall see that there exists a finite
set $S$ of ideals such that every ideal is of the form $\mathfrak{a} \cdot (a)$ for some $\mathfrak{a} \in S$ and some $a \in \mathcal{O}_K$.
Better, we shall construct a group $I$ of “fractional” ideals in which the principal fractional
ideals $(a)$, $a \in K^\times$, form a subgroup $P$ of finite index. The index is called the class number
$h_K$ of $K$. We shall see that

$$h_K = 1 \iff \mathcal{O}_K \text{ is a principal ideal domain} \iff \mathcal{O}_K \text{ is a unique factorization domain}.$$

For example, the class number of $\mathbb{Q}[\sqrt{-5}]$ is 2. The ideals

$$(3, 1 + \sqrt{-5}), \quad (3, 1 - \sqrt{-5}), \quad (7, 3 + \sqrt{-5}), \quad (7, 3 - \sqrt{-5})$$

in $\mathbb{Z}[\sqrt{-5}]$ are prime and not principal, and so each represents the nontrivial element in
$I/P$. Therefore, the product of any two of them is principal. Using this we get three distinct
factorizations of 21 in $\mathbb{Z}[\sqrt{-5}]$:

$$21 = 3 \cdot 7 = (4 + \sqrt{-5})(4 - \sqrt{-5}) = (1 + 2\sqrt{-5})(1 - 2\sqrt{-5}).$$
Units 

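Unlike $\mathbb{Z}$, $\mathcal{O}_K$ can have infinitely many units. For example, $(1 + \sqrt{2})$ is a unit of infinite
order in $\mathbb{Z}[\sqrt{2}]$:

$$(1 + \sqrt{2})(-1 + \sqrt{2}) = 1; \quad (1 + \sqrt{2})^m \neq 1 \text{ if } m \neq 0.$$

In fact $\mathbb{Z}[\sqrt{2}]^\times = \{\pm(1 + \sqrt{2})^m \mid m \in \mathbb{Z}\}$, and so

$$\mathbb{Z}[\sqrt{2}]^\times \approx \{\pm 1\} \times \{\text{free abelian group of rank 1}\}.$$

In general, we shall show (unit theorem) that the roots of 1 in $K$ form a finite group $\mu(K)$,
and that

$$\mathcal{O}_K^\times \approx \mu(K) \times \mathbb{Z}^r \quad \text{(as an abelian group)};$$

moreover, we shall find $r$.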
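The first few powers of $1 + \sqrt{2}$ can be computed exactly with integer pairs. This is a small sketch, with the names `mul`, `norm`, and `powers` chosen here for illustration; it uses the norm $a^2 - 2b^2$ on $\mathbb{Z}[\sqrt{2}]$, whose value $\pm 1$ characterizes the units.

```python
def mul(x, y):
    """Multiply a + b*sqrt(2) and c + d*sqrt(2), stored as integer pairs."""
    a, b = x
    c, d = y
    return (a * c + 2 * b * d, a * d + b * c)

def norm(x):
    """Norm of a + b*sqrt(2); units are exactly the elements of norm +1 or -1."""
    a, b = x
    return a * a - 2 * b * b

u = (1, 1)         # 1 + sqrt(2)
u_inv = (-1, 1)    # -1 + sqrt(2)
print(mul(u, u_inv))             # (1, 0), i.e., the product is 1

power = (1, 0)
powers = []
for m in range(1, 6):
    power = mul(power, u)
    powers.append(power)
print(powers)                      # [(1, 1), (3, 2), (7, 5), (17, 12), (41, 29)]
print([norm(x) for x in powers])   # [-1, 1, -1, 1, -1]
```

The coefficients grow strictly with $m$, so no positive power of $1 + \sqrt{2}$ equals 1, in line with the statement that it has infinite order.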

Applications 

One motivation for the development of algebraic number theory was the attempt to prove
Fermat’s last “theorem”, i.e., when $m \geq 3$, there are no integer solutions $(x, y, z)$ to the
equation

$$X^m + Y^m = Z^m$$

with all of $x, y, z$ nonzero.

When $m = 3$, this can be proved by the method of “infinite descent”, i.e., from one
solution, you show that you can construct a smaller solution, which leads to a contradiction².
The proof makes use of the factorization

$$Y^3 = Z^3 - X^3 = (Z - X)(Z^2 + XZ + X^2),$$

and it was recognized that a stumbling block to proving the theorem for larger $m$ is that no
such factorization exists into polynomials with integer coefficients of degree $\leq 2$. This led
people to look at more general factorizations.


² The simplest proof by infinite descent is that showing that $\sqrt{2}$ is irrational.

In a famous incident, the French mathematician Lamé gave a talk at the Paris Academy
in 1847 in which he claimed to prove Fermat’s last theorem using the following ideas. Let
$p > 2$ be a prime, and suppose $x, y, z$ are nonzero integers such that

$$x^p + y^p = z^p.$$

Write

$$x^p = z^p - y^p = \prod (z - \zeta^i y), \quad 0 \leq i \leq p - 1, \quad \zeta = e^{2\pi i/p}.$$

He then showed how to obtain a smaller solution to the equation, and hence a contradiction.
Liouville immediately questioned a step in Lamé’s proof in which he assumed that, in order
to show that each factor $(z - \zeta^i y)$ is a $p$th power, it suffices to show that the factors are
relatively prime in pairs and their product is a $p$th power. In fact, Lamé couldn’t justify his
step ($\mathbb{Z}[\zeta]$ is not always a principal ideal domain), and Fermat’s last theorem was not proved
for almost 150 years. However, shortly after Lamé’s embarrassing lecture, Kummer used
his results on the arithmetic of the fields $\mathbb{Q}[\zeta]$ to prove Fermat’s last theorem for all regular
primes, i.e., for all primes $p$ such that $p$ does not divide the class number of $\mathbb{Q}[\zeta_p]$.

Another application is to finding Galois groups. The splitting field of a polynomial
$f(X) \in \mathbb{Q}[X]$ is a Galois extension of $\mathbb{Q}$. In a basic Galois theory course, we learn how to
compute the Galois group only when the degree is very small. By using algebraic number
theory one can write down an algorithm to do it for any degree.

For applications of algebraic number theory to elliptic curves, see, for example, Milne 
2006. 

Some comments on the literature 

Computational number theory 

Cohen 1993 and Pohst and Zassenhaus 1989 provide algorithms for most of the constructions 
we make in this course. The first assumes the reader knows number theory, whereas the 
second develops the whole subject algorithmically. Cohen’s book is the more useful as a 
supplement to this course, but wasn’t available when these notes were first written. While 
the books are concerned with more-or-less practical algorithms for fields of small degree 
and small discriminant, Lenstra (1992) concentrates on finding “good” general algorithms. 

History of algebraic number theory 

Dedekind 1996, with its introduction by Stillwell, gives an excellent idea of how algebraic 
number theory developed. Edwards 1977 is a history of algebraic number theory, concentrating
on the efforts to prove Fermat’s last theorem. The notes in Narkiewicz 1990 document
the origins of most significant results in algebraic number theory. See also Lemmermeyer 2009,
which explains the origins of “ideal numbers”, and other writings by the same author, e.g.,
Lemmermeyer 2000, 2007.


Exercises 

0-1 Let $d$ be a square-free integer. Complete the verification that the ring of integers in
$\mathbb{Q}[\sqrt{d}]$ is as described.

0-2 Complete the verification that, in $\mathbb{Z}[\sqrt{-5}]$,

$$(6) = (2, 1 + \sqrt{-5})^2 (3, 1 + \sqrt{-5})(3, 1 - \sqrt{-5})$$

is a factorization of $(6)$ into a product of prime ideals.



Chapter 1


Preliminaries from Commutative Algebra


Many results that were first proved for rings of integers in number fields are true for more
general commutative rings, and it is more natural to prove them in that context.¹


Basic definitions 

All rings will be commutative, and have an identity element (i.e., an element 1 such that
$1a = a$ for all $a \in A$), and a homomorphism of rings will map the identity element to the
identity element.

A ring $B$ together with a homomorphism of rings $A \to B$ will be referred to as an
$A$-algebra. We use this terminology mainly when $A$ is a subring of $B$. In this case, for
elements $\beta_1, \ldots, \beta_m$ of $B$, $A[\beta_1, \ldots, \beta_m]$ denotes the smallest subring of $B$ containing $A$ and
the $\beta_i$. It consists of all polynomials in the $\beta_i$ with coefficients in $A$, i.e., elements of the
form

$$\sum a_{i_1 \ldots i_m} \beta_1^{i_1} \cdots \beta_m^{i_m}, \quad a_{i_1 \ldots i_m} \in A.$$

We also refer to $A[\beta_1, \ldots, \beta_m]$ as the $A$-subalgebra of $B$ generated by the $\beta_i$, and when
$B = A[\beta_1, \ldots, \beta_m]$ we say that the $\beta_i$ generate $B$ as an $A$-algebra.

For elements $a_1, a_2, \ldots$ of $A$, we let $(a_1, a_2, \ldots)$ denote the smallest ideal containing the
$a_i$. It consists of finite sums $\sum c_i a_i$, $c_i \in A$, and it is called the ideal generated by $a_1, a_2, \ldots$.
When $\mathfrak{a}$ and $\mathfrak{b}$ are ideals in $A$, we define

$$\mathfrak{a} + \mathfrak{b} = \{a + b \mid a \in \mathfrak{a},\ b \in \mathfrak{b}\}.$$

It is again an ideal in $A$; in fact, it is the smallest ideal containing both $\mathfrak{a}$ and $\mathfrak{b}$. If
$\mathfrak{a} = (a_1, \ldots, a_m)$ and $\mathfrak{b} = (b_1, \ldots, b_n)$, then $\mathfrak{a} + \mathfrak{b} = (a_1, \ldots, a_m, b_1, \ldots, b_n)$.

Given an ideal $\mathfrak{a}$ in $A$, we can form the quotient ring $A/\mathfrak{a}$. Let $f \colon A \to A/\mathfrak{a}$ be the
homomorphism $a \mapsto a + \mathfrak{a}$; then $\mathfrak{b} \mapsto f^{-1}(\mathfrak{b})$ defines a one-to-one correspondence between
the ideals of $A/\mathfrak{a}$ and the ideals of $A$ containing $\mathfrak{a}$, and

$$A/f^{-1}(\mathfrak{b}) \simeq (A/\mathfrak{a})/\mathfrak{b}.$$

¹ See also the notes A Primer of Commutative Algebra available on my website.

A proper ideal $\mathfrak{p}$ of $A$ is prime if $ab \in \mathfrak{p} \implies a$ or $b \in \mathfrak{p}$. An ideal $\mathfrak{p}$ is prime if and only if
the quotient ring $A/\mathfrak{p}$ is an integral domain. A nonzero element $\pi$ of $A$ is said to be prime if
$(\pi)$ is a prime ideal; equivalently, if $\pi \mid ab \implies \pi \mid a$ or $\pi \mid b$.

An ideal $\mathfrak{m}$ in $A$ is maximal if it is maximal among the proper ideals of $A$, i.e., if $\mathfrak{m} \neq A$
and there does not exist an ideal $\mathfrak{a} \neq A$ containing $\mathfrak{m}$ but distinct from it. An ideal $\mathfrak{a}$ is
maximal if and only if $A/\mathfrak{a}$ is a field. Every proper ideal $\mathfrak{a}$ of $A$ is contained in a maximal
ideal: if $A$ is Noetherian (see below) this is obvious; otherwise the proof requires Zorn’s
lemma. In particular, every nonunit in $A$ is contained in a maximal ideal.

There are the implications: $A$ is a Euclidean domain $\implies$ $A$ is a principal ideal domain
$\implies$ $A$ is a unique factorization domain (see any good graduate algebra course).


Ideals in products of rings 

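Proposition 1.1 Consider a product of rings $A \times B$. If $\mathfrak{a}$ and $\mathfrak{b}$ are ideals in $A$ and $B$
respectively, then $\mathfrak{a} \times \mathfrak{b}$ is an ideal in $A \times B$, and every ideal in $A \times B$ is of this form. The
prime ideals of $A \times B$ are the ideals of the form

$$\mathfrak{p} \times B \ (\mathfrak{p} \text{ a prime ideal of } A), \quad A \times \mathfrak{p} \ (\mathfrak{p} \text{ a prime ideal of } B).$$

PROOF. Let $\mathfrak{c}$ be an ideal in $A \times B$, and let

$$\mathfrak{a} = \{a \in A \mid (a, 0) \in \mathfrak{c}\}, \quad \mathfrak{b} = \{b \in B \mid (0, b) \in \mathfrak{c}\}.$$

Clearly $\mathfrak{a} \times \mathfrak{b} \subset \mathfrak{c}$. Conversely, let $(a, b) \in \mathfrak{c}$. Then $(a, 0) = (a, b) \cdot (1, 0) \in \mathfrak{c}$ and
$(0, b) = (a, b) \cdot (0, 1) \in \mathfrak{c}$, and so $(a, b) \in \mathfrak{a} \times \mathfrak{b}$.

Recall that an ideal $\mathfrak{c} \subset C$ is prime if and only if $C/\mathfrak{c}$ is an integral domain. The map

$$A \times B \to A/\mathfrak{a} \times B/\mathfrak{b}, \quad (a, b) \mapsto (a + \mathfrak{a}, b + \mathfrak{b})$$

has kernel $\mathfrak{a} \times \mathfrak{b}$, and hence induces an isomorphism

$$(A \times B)/(\mathfrak{a} \times \mathfrak{b}) \simeq A/\mathfrak{a} \times B/\mathfrak{b}.$$

Now use that a product of rings is an integral domain if and only if one ring is zero and the
other is an integral domain. □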
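For a small finite ring the proposition can be confirmed by brute force. The sketch below takes $A \times B = \mathbb{Z}/4 \times \mathbb{Z}/6$, a choice made purely for illustration, builds every ideal as a sum of principal ideals, and tests the two assertions; the helper names are hypothetical.

```python
from itertools import product

m, n = 4, 6                                   # the ring is Z/4 x Z/6 (illustrative choice)
ring = list(product(range(m), range(n)))

def add(x, y):
    return ((x[0] + y[0]) % m, (x[1] + y[1]) % n)

def mul(x, y):
    return ((x[0] * y[0]) % m, (x[1] * y[1]) % n)

def principal(g):
    """The ideal generated by g: all multiples r*g with r in the ring."""
    return frozenset(mul(r, g) for r in ring)

def ideal_sum(I, J):
    return frozenset(add(x, y) for x in I for y in J)

# Every ideal of a finite ring is a finite sum of principal ideals,
# so closing the principal ideals under sums yields all ideals.
ideals = {principal(g) for g in ring}
grew = True
while grew:
    sums = {ideal_sum(I, J) for I in ideals for J in ideals}
    grew = not (sums <= ideals)
    ideals |= sums

def is_product(c):
    """Is c equal to a x b with a, b defined as in the proof?"""
    a = {x for x in range(m) if (x, 0) in c}
    b = {y for y in range(n) if (0, y) in c}
    return c == frozenset(product(a, b))

def is_prime(c):
    return len(c) < len(ring) and all(
        x in c or y in c for x in ring for y in ring if mul(x, y) in c)

all_products = all(is_product(c) for c in ideals)
prime_sizes = sorted(len(c) for c in ideals if is_prime(c))
print(len(ideals), all_products, prime_sizes)
```

The three prime ideals found are $(2) \times \mathbb{Z}/6$, $\mathbb{Z}/4 \times (2)$, and $\mathbb{Z}/4 \times (3)$, with 12, 12, and 8 elements respectively.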

Remark 1.2 The proposition extends in an obvious way to a finite product of rings: the ideals
in $A_1 \times \cdots \times A_m$ are of the form $\mathfrak{a}_1 \times \cdots \times \mathfrak{a}_m$ with $\mathfrak{a}_i$ an ideal in $A_i$; moreover, $\mathfrak{a}_1 \times \cdots \times \mathfrak{a}_m$
is prime if and only if there is a $j$ such that $\mathfrak{a}_j$ is a prime ideal in $A_j$ and $\mathfrak{a}_i = A_i$ for $i \neq j$.


Noetherian rings 

A ring $A$ is Noetherian if every ideal in $A$ is finitely generated.

Proposition 1.3 The following conditions on a ring $A$ are equivalent:

(a) $A$ is Noetherian.

(b) Every ascending chain of ideals

$$\mathfrak{a}_1 \subset \mathfrak{a}_2 \subset \cdots \subset \mathfrak{a}_n \subset \cdots$$

eventually becomes constant, i.e., for some $n$, $\mathfrak{a}_n = \mathfrak{a}_{n+1} = \cdots$.

(c) Every nonempty set $S$ of ideals in $A$ has a maximal element, i.e., there exists an ideal
in $S$ not properly contained in any other ideal in $S$.

PROOF. (a) $\implies$ (b): Let $\mathfrak{a} = \bigcup \mathfrak{a}_i$; it is an ideal, and hence is finitely generated, say
$\mathfrak{a} = (a_1, \ldots, a_r)$. For some $n$, $\mathfrak{a}_n$ will contain all the $a_i$, and so $\mathfrak{a}_n = \mathfrak{a}_{n+1} = \cdots = \mathfrak{a}$.

(b) $\implies$ (c): Let $\mathfrak{a}_1 \in S$. If $\mathfrak{a}_1$ is not a maximal element of $S$, then there exists an $\mathfrak{a}_2 \in S$ such
that $\mathfrak{a}_1 \subsetneq \mathfrak{a}_2$. If $\mathfrak{a}_2$ is not maximal, then there exists an $\mathfrak{a}_3$, etc. From (b) we know that this
process will lead to a maximal element after only finitely many steps.

(c) $\implies$ (a): Let $\mathfrak{a}$ be an ideal in $A$, and let $S$ be the set of finitely generated ideals contained in $\mathfrak{a}$.
Then $S$ is nonempty because it contains the zero ideal, and so it contains a maximal element,
say, $\mathfrak{a}' = (a_1, \ldots, a_r)$. If $\mathfrak{a}' \neq \mathfrak{a}$, then there exists an element $a \in \mathfrak{a} \setminus \mathfrak{a}'$, and $(a_1, \ldots, a_r, a)$
will be a finitely generated ideal in $\mathfrak{a}$ properly containing $\mathfrak{a}'$. This contradicts the definition
of $\mathfrak{a}'$. □

A famous theorem of Hilbert states that $k[X_1, \ldots, X_n]$ is Noetherian. In practice, almost
all the rings that arise naturally in algebraic number theory or algebraic geometry are
Noetherian, but not all rings are Noetherian. For example, the ring $k[X_1, \ldots, X_n, \ldots]$ of
polynomials in an infinite sequence of symbols is not Noetherian because the chain of ideals

$$(X_1) \subset (X_1, X_2) \subset (X_1, X_2, X_3) \subset \cdots$$

never becomes constant.

Proposition 1.4 Every nonzero nonunit element of a Noetherian integral domain can be 
written as a product of irreducible elements. 

PROOF. We shall need to use that, for elements $a$ and $b$ of an integral domain $A$,

$$(a) \subset (b) \iff b \mid a, \text{ with equality if and only if } b = a \times \text{unit}.$$

The first assertion is obvious. For the second, note that if $a = bc$ and $b = ad$ then $a = bc =
adc$, and so $dc = 1$. Hence both $c$ and $d$ are units.

Suppose the statement of the proposition is false for a Noetherian integral domain $A$.
Then there exists an element $a \in A$ which contradicts the statement and is such that $(a)$ is
maximal among the ideals generated by such elements (here we use that $A$ is Noetherian).
Since $a$ cannot be written as a product of irreducible elements, it is not itself irreducible,
and so $a = bc$ with $b$ and $c$ nonunits. Clearly $(b) \supset (a)$, and the ideals can't be equal for
otherwise $c$ would be a unit. From the maximality of $(a)$, we deduce that $b$ can be written
as a product of irreducible elements, and similarly for $c$. Thus $a$ is a product of irreducible
elements, and we have a contradiction. □

Remark 1.5 Note that the proposition fails for the ring $\mathcal{O}$ of all algebraic integers in the
algebraic closure of $\mathbb{Q}$ in $\mathbb{C}$, because, for example, we can keep extracting square roots:
an algebraic integer $\alpha$ cannot be an irreducible element of $\mathcal{O}$ because $\sqrt{\alpha}$ will also be an
algebraic integer and $\alpha = \sqrt{\alpha} \cdot \sqrt{\alpha}$. Thus $\mathcal{O}$ is not Noetherian.


Noetherian modules 

Let $A$ be a ring. An $A$-module $M$ is said to be Noetherian if every submodule is finitely
generated.

Proposition 1.6 The following conditions on an $A$-module $M$ are equivalent:

(a) M is Noetherian; 

(b) every ascending chain of submodules eventually becomes constant; 

(c) every nonempty set of submodules in M has a maximal element. 

PROOF. Similar to the proof of Proposition 1.3. □ 

Proposition 1.7 Let M be an A-module, and let N be a submodule of M. If N and 
M/N are both Noetherian, then so also is M. 

PROOF. I claim that if $M' \subset M''$ are submodules of $M$ such that $M' \cap N = M'' \cap N$ and
$M'$ and $M''$ have the same image in $M/N$, then $M' = M''$. To see this, let $x \in M''$; the
second condition implies that there exists a $y \in M'$ with the same image as $x$ in $M/N$, i.e.,
such that $x - y \in N$. Then $x - y \in M'' \cap N \subset M'$, and so $x \in M'$.

Now consider an ascending chain of submodules of M. If M/N is Noetherian, the 
image of the chain in M/ N becomes constant, and if N is Noetherian, the intersection of 
the chain with N becomes constant. Now the claim shows that the chain itself becomes 
constant. □ 

Proposition 1.8 Let A be a Noetherian ring. Then every finitely generated A-module is 
Noetherian. 

PROOF. If $M$ is generated by a single element, then $M \approx A/\mathfrak{a}$ for some ideal $\mathfrak{a}$ in $A$, and
the statement is obvious. We argue by induction on the minimum number n of generators of 
M. Since M contains a submodule N generated by n — 1 elements such that the quotient 
M/N is generated by a single element, the statement follows from (1.7). □ 


Local rings 

A ring $A$ is said to be local if it has exactly one maximal ideal $\mathfrak{m}$. In this case, $A^\times = A \setminus \mathfrak{m}$
(complement of $\mathfrak{m}$ in $A$).

Lemma 1.9 (Nakayama’s lemma) Let $A$ be a local Noetherian ring, and let $\mathfrak{a}$ be a
proper ideal in $A$. Let $M$ be a finitely generated $A$-module, and define

$$\mathfrak{a}M = \left\{\sum a_i m_i \,\middle|\, a_i \in \mathfrak{a},\ m_i \in M\right\}.$$

(a) If $\mathfrak{a}M = M$, then $M = 0$.

(b) If $N$ is a submodule of $M$ such that $N + \mathfrak{a}M = M$, then $N = M$.

PROOF. (a) Suppose that $\mathfrak{a}M = M$ but $M \neq 0$. Choose a minimal set of generators
$\{e_1, \ldots, e_n\}$ for $M$, $n \geq 1$, and write

$$e_1 = a_1 e_1 + \cdots + a_n e_n, \quad a_i \in \mathfrak{a}.$$

Then

$$(1 - a_1) e_1 = a_2 e_2 + \cdots + a_n e_n.$$

As $1 - a_1$ is not in $\mathfrak{m}$, it is a unit, and so $\{e_2, \ldots, e_n\}$ generates $M$, which contradicts our
choice of $\{e_1, \ldots, e_n\}$.

(b) It suffices to show that $\mathfrak{a}(M/N) = M/N$ for then (a) shows that $M/N = 0$. Consider
$m + N$, $m \in M$. From the assumption, we can write

$$m = n + \sum a_i m_i, \quad \text{with } a_i \in \mathfrak{a},\ m_i \in M.$$

Then

$$m + N = \sum (a_i m_i + N) = \sum a_i (m_i + N)$$

and so $m + N \in \mathfrak{a}(M/N)$. □

The hypothesis that $M$ be finitely generated in the lemma is essential. For example, if
$A$ is a local integral domain with maximal ideal $\mathfrak{m} \neq 0$, then $\mathfrak{m}M = M$ for every field $M$
containing $A$ but $M \neq 0$.


Rings of fractions 

Let $A$ be an integral domain; there is a field $K \supset A$, called the field of fractions of $A$, with
the property that every $c \in K$ can be written in the form $c = ab^{-1}$ with $a, b \in A$ and $b \neq 0$.
For example, $\mathbb{Q}$ is the field of fractions of $\mathbb{Z}$, and $k(X)$ is the field of fractions of $k[X]$.

Let $A$ be an integral domain with field of fractions $K$. A subset $S$ of $A$ is said to be
multiplicative if $0 \notin S$, $1 \in S$, and $S$ is closed under multiplication. If $S$ is a multiplicative
subset, then we define

$$S^{-1}A = \{a/b \in K \mid b \in S\}.$$

It is obviously a subring of $K$.

Example 1.10 (a) Let $t$ be a nonzero element of $A$; then

$$S_t = \{1, t, t^2, \ldots\}$$

is a multiplicative subset of $A$, and we (sometimes) write $A_t$ for $S_t^{-1}A$. For example, if $d$
is a nonzero integer, then² $\mathbb{Z}_d$ consists of those elements of $\mathbb{Q}$ whose denominator divides
some power of $d$:

$$\mathbb{Z}_d = \{a/d^n \in \mathbb{Q} \mid a \in \mathbb{Z},\ n \geq 0\}.$$

(b) If $\mathfrak{p}$ is a prime ideal, then $S_\mathfrak{p} = A \setminus \mathfrak{p}$ is a multiplicative set (if neither $a$ nor $b$ belongs
to $\mathfrak{p}$, then $ab$ does not belong to $\mathfrak{p}$). We write $A_\mathfrak{p}$ for $S_\mathfrak{p}^{-1}A$. For example,

$$\mathbb{Z}_{(p)} = \{m/n \in \mathbb{Q} \mid n \text{ is not divisible by } p\}.$$
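Membership in these two subrings of $\mathbb{Q}$ depends only on the denominator of a fraction in lowest terms, which makes it easy to test. A minimal sketch follows; the function names `in_Z_d` and `in_Z_localized_at` are assumptions made for the illustration.

```python
from fractions import Fraction
from math import gcd

def in_Z_d(x, d):
    """Is x in Z_d, i.e., does the reduced denominator of x divide a power of d?"""
    q = Fraction(x).denominator
    g = gcd(q, d)
    while g > 1:
        # Strip from q every prime factor that it shares with d.
        while q % g == 0:
            q //= g
        g = gcd(q, d)
    return q == 1

def in_Z_localized_at(x, p):
    """Is x in Z_(p), i.e., is the reduced denominator of x not divisible by p?"""
    return Fraction(x).denominator % p != 0

print(in_Z_d(Fraction(3, 8), 6))              # True:  3/8 = 81/6^3
print(in_Z_d(Fraction(1, 5), 6))              # False: 5 divides no power of 6
print(in_Z_localized_at(Fraction(1, 3), 2))   # True:  1/3 lies in Z_(2)
print(in_Z_localized_at(Fraction(1, 2), 2))   # False: 2 is not inverted in Z_(2)
```

Note the contrast: in $\mathbb{Z}_2$ the element 2 becomes a unit, whereas in $\mathbb{Z}_{(2)}$ every odd integer becomes a unit and 2 does not.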

Proposition 1.11 Consider an integral domain $A$ and a multiplicative subset $S$ of $A$. For
an ideal $\mathfrak{a}$ of $A$, write $\mathfrak{a}^e$ for the ideal it generates in $S^{-1}A$; for an ideal $\mathfrak{a}$ of $S^{-1}A$, write $\mathfrak{a}^c$
for $\mathfrak{a} \cap A$. Then:

$\mathfrak{a}^{ce} = \mathfrak{a}$ for all ideals $\mathfrak{a}$ of $S^{-1}A$

$\mathfrak{a}^{ec} = \mathfrak{a}$ if $\mathfrak{a}$ is a prime ideal of $A$ disjoint from $S$.

² This notation conflicts with a later notation in which $\mathbb{Z}_p$ denotes the ring of $p$-adic integers.

PROOF. Let $\mathfrak{a}$ be an ideal in $S^{-1}A$. Clearly $(\mathfrak{a} \cap A)^e \subset \mathfrak{a}$ because $\mathfrak{a} \cap A \subset \mathfrak{a}$ and $\mathfrak{a}$ is an
ideal in $S^{-1}A$. For the reverse inclusion, let $b \in \mathfrak{a}$. We can write it $b = a/s$ with $a \in A$,
$s \in S$. Then $a = s \cdot (a/s) \in \mathfrak{a} \cap A$, and so $a/s = (s \cdot (a/s))/s \in (\mathfrak{a} \cap A)^e$.

Let $\mathfrak{p}$ be a prime ideal disjoint from $S$. Clearly $(S^{-1}\mathfrak{p}) \cap A \supset \mathfrak{p}$. For the reverse inclusion,
let $a/s \in (S^{-1}\mathfrak{p}) \cap A$, $a \in \mathfrak{p}$, $s \in S$. Consider the equation $\frac{a}{s} \cdot s = a \in \mathfrak{p}$. Both $a/s$ and $s$ are
in $A$, and so at least one of $a/s$ or $s$ is in $\mathfrak{p}$ (because it is prime); but $s \notin \mathfrak{p}$ (by assumption),
and so $a/s \in \mathfrak{p}$. □

Proposition 1.12 Let $A$ be an integral domain, and let $S$ be a multiplicative subset of
$A$. The map $\mathfrak{p} \mapsto \mathfrak{p}^e = \mathfrak{p} \cdot S^{-1}A$ is a bijection from the set of prime ideals in $A$ such that
$\mathfrak{p} \cap S = \emptyset$ to the set of prime ideals in $S^{-1}A$; the inverse map is $\mathfrak{p} \mapsto \mathfrak{p} \cap A$.

Proof. It is easy to see that

    $\mathfrak{p}$ a prime ideal disjoint from $S$ $\Rightarrow$ $\mathfrak{p}^e$ is a prime ideal in $S^{-1}A$,

    $\mathfrak{p}$ a prime ideal in $S^{-1}A$ $\Rightarrow$ $\mathfrak{p} \cap A$ is a prime ideal in $A$ disjoint from $S$,

and (1.11) shows that the two maps are inverse. □

Example 1.13 (a) If $\mathfrak{p}$ is a prime ideal in $A$, then $A_{\mathfrak{p}}$ is a local ring with maximal ideal
$\mathfrak{p}A_{\mathfrak{p}}$ (because $\mathfrak{p}$ contains every prime ideal disjoint from $S_{\mathfrak{p}}$).

(b) We list the prime ideals in some rings:

    $\mathbb{Z}$:          (2), (3), (5), (7), (11), ..., (0);
    $\mathbb{Z}_2$:        (3), (5), (7), (11), ..., (0);
    $\mathbb{Z}_{(2)}$:    (2), (0);
    $\mathbb{Z}_{42}$:     (5), (11), (13), ..., (0);
    $\mathbb{Z}/(42)$:     (2), (3), (7).

Note that in general, for $t$ a nonzero element of an integral domain $A$,

    {prime ideals of $A_t$} $\leftrightarrow$ {prime ideals of $A$ not containing $t$}

    {prime ideals of $A/(t)$} $\leftrightarrow$ {prime ideals of $A$ containing $t$}.
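
The two correspondences can be illustrated for $A = \mathbb{Z}$ and $t = 42$ with a short Python sketch. The function names and the search bound are illustrative choices, not part of the notes, and the zero ideal is left out of both lists.

```python
def primes_up_to(n):
    """All primes p <= n, by trial division."""
    return [p for p in range(2, n + 1)
            if all(p % q for q in range(2, int(p ** 0.5) + 1))]

def split_primes(t, bound):
    """Partition the primes p <= bound according to whether (p) gives a
    prime ideal of Z_t (p does not divide t) or of Z/(t) (p divides t)."""
    primes = primes_up_to(bound)
    in_localization = [p for p in primes if t % p != 0]
    in_quotient = [p for p in primes if t % p == 0]
    return in_localization, in_quotient

loc, quo = split_primes(42, 20)
print(loc)  # primes generating nonzero prime ideals of Z_42
print(quo)  # primes generating the prime ideals of Z/(42)
```

With the bound 20 this reproduces the start of the rows for $\mathbb{Z}_{42}$ and $\mathbb{Z}/(42)$ in the table.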


The Chinese remainder theorem 

Recall the classical form of the theorem: let $d_1, \ldots, d_n$ be integers, relatively prime in pairs;
then for all integers $x_1, \ldots, x_n$, the congruences

$$x \equiv x_i \bmod d_i$$

have a simultaneous solution $x \in \mathbb{Z}$; moreover, if $x$ is one solution, then the other solutions
are the integers of the form $x + md$ with $m \in \mathbb{Z}$ and $d = \prod d_i$.

We want to translate this in terms of ideals. Integers $m$ and $n$ are relatively prime if and
only if $(m, n) = \mathbb{Z}$, i.e., if and only if $(m) + (n) = \mathbb{Z}$. This suggests defining ideals $\mathfrak{a}$ and $\mathfrak{b}$
in a ring $A$ to be relatively prime if $\mathfrak{a} + \mathfrak{b} = A$.

If $m_1, \ldots, m_k$ are integers, then $\bigcap (m_i) = (m)$ where $m$ is the least common multiple of
the $m_i$. Thus $\bigcap (m_i) \supset (\prod m_i)$, which equals $\prod (m_i)$. If the $m_i$ are relatively prime in pairs,
then $m = \prod m_i$, and so we have $\bigcap (m_i) = \prod (m_i)$. Note that in general,

$$\mathfrak{a}_1 \cdot \mathfrak{a}_2 \cdots \mathfrak{a}_n \subset \mathfrak{a}_1 \cap \mathfrak{a}_2 \cap \ldots \cap \mathfrak{a}_n,$$






but the two ideals need not be equal. 

These remarks suggest the following statement. 

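Theorem 1.14 Let $\mathfrak{a}_1, \ldots, \mathfrak{a}_n$ be ideals in a ring $A$, relatively prime in pairs. Then for all
elements $x_1, \ldots, x_n$ of $A$, the congruences

$$x \equiv x_i \bmod \mathfrak{a}_i$$

have a simultaneous solution $x \in A$; moreover, if $x$ is one solution, then the other solutions
are the elements of the form $x + a$ with $a \in \bigcap \mathfrak{a}_i$, and $\bigcap \mathfrak{a}_i = \prod \mathfrak{a}_i$. In other words, the
natural maps give an exact sequence

$$0 \to \mathfrak{a} \to A \to \prod_{i=1}^{n} A/\mathfrak{a}_i \to 0$$

with $\mathfrak{a} = \bigcap \mathfrak{a}_i = \prod \mathfrak{a}_i$.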

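Proof. Suppose first that $n = 2$. As $\mathfrak{a}_1 + \mathfrak{a}_2 = A$, there exist $a_i \in \mathfrak{a}_i$ such that $a_1 + a_2 = 1$.
Then $x = a_1 x_2 + a_2 x_1$ maps to $(x_1 \bmod \mathfrak{a}_1, x_2 \bmod \mathfrak{a}_2)$, and so the map $A \to A/\mathfrak{a}_1 \times A/\mathfrak{a}_2$
is surjective. For $c \in \mathfrak{a}_1 \cap \mathfrak{a}_2$, we have

$$c = a_1 c + a_2 c \in \mathfrak{a}_1 \cdot \mathfrak{a}_2,$$

which shows that $\mathfrak{a}_1 \cap \mathfrak{a}_2 = \mathfrak{a}_1 \mathfrak{a}_2$. Hence

$$A/\mathfrak{a}_1\mathfrak{a}_2 \simeq A/\mathfrak{a}_1 \times A/\mathfrak{a}_2.$$

We now use induction to prove the theorem for $n > 2$. For each $i \geq 2$, there exist
elements $a_i \in \mathfrak{a}_1$ and $b_i \in \mathfrak{a}_i$ such that

$$a_i + b_i = 1.$$

The product $\prod_{i \geq 2} (a_i + b_i)$ lies in $\mathfrak{a}_1 + \mathfrak{a}_2 \cdots \mathfrak{a}_n$ and equals 1, and so

$$\mathfrak{a}_1 + \mathfrak{a}_2 \cdots \mathfrak{a}_n = A.$$

Therefore,

$$A/\mathfrak{a} = A/\mathfrak{a}_1 \cdot (\mathfrak{a}_2 \cdots \mathfrak{a}_n)
  \simeq A/\mathfrak{a}_1 \times A/\mathfrak{a}_2 \cdots \mathfrak{a}_n
  \simeq A/\mathfrak{a}_1 \times A/\mathfrak{a}_2 \times \cdots \times A/\mathfrak{a}_n$$

by the $n = 2$ case and induction. □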
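
For $A = \mathbb{Z}$ the proof is effectively an algorithm. The Python sketch below follows it step by step: the extended Euclidean algorithm produces $a_1 \in (d_1)$ and $a_2 \in (d_2)$ with $a_1 + a_2 = 1$, the solution is $x = a_1 x_2 + a_2 x_1$, and more than two moduli are handled one at a time as in the induction. The function names are illustrative, and the moduli are assumed to be positive integers.

```python
def ext_gcd(a, b):
    """Return (g, u, v) with u*a + v*b == g == gcd(a, b), for a, b >= 0."""
    if b == 0:
        return (a, 1, 0)
    g, u, v = ext_gcd(b, a % b)
    return (g, v, u - (a // b) * v)

def crt_pair(x1, d1, x2, d2):
    """Solve x = x1 mod d1 and x = x2 mod d2 for relatively prime d1, d2."""
    g, u, v = ext_gcd(d1, d2)
    if g != 1:
        raise ValueError("moduli must be relatively prime")
    a1, a2 = u * d1, v * d2            # a1 in (d1), a2 in (d2), a1 + a2 == 1
    return (a1 * x2 + a2 * x1) % (d1 * d2), d1 * d2

def crt(residues, moduli):
    """Fold crt_pair over the list, mirroring the induction on n."""
    x, d = 0, 1
    for xi, di in zip(residues, moduli):
        x, d = crt_pair(x, d, xi, di)
    return x, d

print(crt([2, 3, 2], [3, 5, 7]))  # (23, 105)
```

The second component of the result is $d = \prod d_i$, so all solutions are $x + md$ with $m \in \mathbb{Z}$, as in the classical statement.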


The theorem extends to A-modules. 

Theorem 1.15 Let $\mathfrak{a}_1, \ldots, \mathfrak{a}_n$ be ideals in $A$, relatively prime in pairs, and let $M$ be an
$A$-module. There is an exact sequence:

$$0 \to \mathfrak{a}M \to M \to \prod_i M/\mathfrak{a}_i M \to 0$$

with $\mathfrak{a} = \prod \mathfrak{a}_i = \bigcap \mathfrak{a}_i$.

This can be proved in the same way as Theorem 1.14, but I prefer to use tensor products,
which I now review.

Review of tensor products


Let $M$, $N$, and $P$ be $A$-modules. A mapping $f\colon M \times N \to P$ is said to be $A$-bilinear if

    $f(m + m', n) = f(m, n) + f(m', n)$
    $f(m, n + n') = f(m, n) + f(m, n')$
    $f(am, n) = a f(m, n) = f(m, an)$

for all $a \in A$, $m, m' \in M$, $n, n' \in N$, i.e., if it is linear in each variable. A pair $(Q, f)$ consisting of an $A$-module $Q$ and an
$A$-bilinear map $f\colon M \times N \to Q$ is called the tensor product of $M$ and $N$ if every other
$A$-bilinear map $f'\colon M \times N \to P$ factors uniquely into $f' = \alpha \circ f$ with $\alpha\colon Q \to P$ $A$-linear.
The tensor product exists, and is unique (up to a unique isomorphism making the obvious
diagram commute). We denote it by $M \otimes_A N$, and we write $(m, n) \mapsto m \otimes n$ for $f$. The
pair $(M \otimes_A N, (m, n) \mapsto m \otimes n)$ is characterized by each of the following two conditions:

(a) The map $M \times N \to M \otimes_A N$ is $A$-bilinear, and every other $A$-bilinear map $M \times N \to P$
is of the form $(m, n) \mapsto \alpha(m \otimes n)$ for a unique $A$-linear map $\alpha\colon M \otimes_A N \to P$; thus

$$\mathrm{Bilin}_A(M \times N, P) = \mathrm{Hom}_A(M \otimes_A N, P).$$

(b) The $A$-module $M \otimes_A N$ has as generators the $m \otimes n$, $m \in M$, $n \in N$, and as relations

    $(m + m') \otimes n = m \otimes n + m' \otimes n$
    $m \otimes (n + n') = m \otimes n + m \otimes n'$
    $am \otimes n = a(m \otimes n) = m \otimes an$

for all $a \in A$, $m, m' \in M$, $n, n' \in N$.


Tensor products commute with direct sums: there is a canonical isomorphism

$$\Big(\bigoplus_i M_i\Big) \otimes_A \Big(\bigoplus_j N_j\Big) \xrightarrow{\ \simeq\ } \bigoplus_{i,j} M_i \otimes_A N_j,
\qquad \Big(\sum m_i\Big) \otimes \Big(\sum n_j\Big) \mapsto \sum m_i \otimes n_j.$$

It follows that if $M$ and $N$ are free $A$-modules$^{3}$ with bases $(e_i)$ and $(f_j)$ respectively, then
$M \otimes_A N$ is a free $A$-module with basis $(e_i \otimes f_j)$. In particular, if $V$ and $W$ are vector spaces
over a field $k$ of dimensions $m$ and $n$ respectively, then $V \otimes_k W$ is a vector space over $k$ of
dimension $mn$.

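Let $\alpha\colon M \to M'$ and $\beta\colon N \to N'$ be $A$-linear maps. Then

$$(m, n) \mapsto \alpha(m) \otimes \beta(n)\colon M \times N \to M' \otimes_A N'$$

is $A$-bilinear, and therefore factors uniquely through $M \times N \to M \otimes_A N$. Thus there is a
unique $A$-linear map $\alpha \otimes \beta\colon M \otimes_A N \to M' \otimes_A N'$ such that

$$(\alpha \otimes \beta)(m \otimes n) = \alpha(m) \otimes \beta(n).$$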


Remark 1.16 The tensor product of two matrices regarded as linear maps is called their
Kronecker product.$^{4}$ If $A$ is $m \times n$ (so a linear map $k^n \to k^m$) and $B$ is $r \times s$ (so a linear
map $k^s \to k^r$), then $A \otimes B$ is the $mr \times ns$ matrix (linear map $k^{ns} \to k^{mr}$) with

$$A \otimes B = \begin{pmatrix} a_{11}B & \cdots & a_{1n}B \\ \vdots & \ddots & \vdots \\ a_{m1}B & \cdots & a_{mn}B \end{pmatrix}.$$
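
The block formula can be made concrete with a small Python sketch. Matrices are stored as lists of rows, and the helper names (`kron`, `mat_vec`, `tensor_vec`) are illustrative. The last lines check the defining property $(A \otimes B)(x \otimes y) = Ax \otimes By$ on one example, using the basis $(e_i \otimes f_j)$ ordered with $i$ varying slowest.

```python
def kron(A, B):
    """Kronecker product: the block matrix whose (i, j) block is a_ij * B."""
    return [[a * b for a in row_a for b in row_b]
            for row_a in A for row_b in B]

def mat_vec(A, x):
    """Matrix times column vector."""
    return [sum(a * xi for a, xi in zip(row, x)) for row in A]

def tensor_vec(x, y):
    """Coordinates of x (tensor) y in the basis e_i (tensor) f_j."""
    return [xi * yj for xi in x for yj in y]

A = [[1, 2], [3, 4]]
B = [[0, 1], [1, 0]]
x, y = [1, -1], [2, 5]

print(kron(A, B))
# Compatibility with the tensor product of the underlying linear maps:
print(mat_vec(kron(A, B), tensor_vec(x, y)) == tensor_vec(mat_vec(A, x), mat_vec(B, y)))
```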


3 Let $M$ be an $A$-module. Elements $e_1, \ldots, e_m$ form a basis for $M$ if every element of $M$ can be expressed
uniquely as a linear combination of the $e_i$'s with coefficients in $A$. Then $A^m \to M$, $(a_1, \ldots, a_m) \mapsto \sum a_i e_i$, is
an isomorphism of $A$-modules, and $M$ is said to be a free $A$-module of rank $m$.

4 Kronecker products of matrices pre-date tensor products by about 70 years.

Lemma 1.17 If $\alpha\colon M \to M'$ and $\beta\colon N \to N'$ are surjective, then so also is

$$\alpha \otimes \beta\colon M \otimes_A N \to M' \otimes_A N'.$$

Proof. Recall that $M' \otimes N'$ is generated as an $A$-module by the elements $m' \otimes n'$, $m' \in M'$,
$n' \in N'$. By assumption $m' = \alpha(m)$ for some $m \in M$ and $n' = \beta(n)$ for some $n \in N$, and
so $m' \otimes n' = \alpha(m) \otimes \beta(n) = (\alpha \otimes \beta)(m \otimes n)$. Therefore the image of $\alpha \otimes \beta$ contains a set
of generators for $M' \otimes_A N'$ and so it is equal to it. □

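One can also show that if

$$M' \to M \to M'' \to 0$$

is exact, then so also is

$$M' \otimes_A P \to M \otimes_A P \to M'' \otimes_A P \to 0.$$

For example, if we tensor the exact sequence

$$0 \to \mathfrak{a} \to A \to A/\mathfrak{a} \to 0$$

with $M$, we obtain an exact sequence

$$\mathfrak{a} \otimes_A M \to M \to (A/\mathfrak{a}) \otimes_A M \to 0 \qquad (2)$$

The image of $\mathfrak{a} \otimes_A M$ in $M$ is

$$\mathfrak{a}M = \Big\{\sum a_i m_i \mid a_i \in \mathfrak{a},\ m_i \in M\Big\},$$

and so we obtain from the exact sequence (2) that

$$M/\mathfrak{a}M \simeq (A/\mathfrak{a}) \otimes_A M \qquad (3)$$

By way of contrast, if $M \to N$ is injective, then $M \otimes_A P \to N \otimes_A P$ need not be injective.
For example, take $A = \mathbb{Z}$, and note that $(\mathbb{Z} \xrightarrow{m} \mathbb{Z}) \otimes_{\mathbb{Z}} (\mathbb{Z}/m\mathbb{Z})$ equals $\mathbb{Z}/m\mathbb{Z} \xrightarrow{m} \mathbb{Z}/m\mathbb{Z}$,
which is the zero map.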

Proof (of Theorem 1.15) Return to the situation of the theorem. When we tensor the
isomorphism

$$A/\mathfrak{a} \xrightarrow{\ \simeq\ } \prod A/\mathfrak{a}_i$$

with $M$, we get an isomorphism

$$M/\mathfrak{a}M \simeq (A/\mathfrak{a}) \otimes_A M \simeq \Big(\prod A/\mathfrak{a}_i\Big) \otimes_A M \simeq \prod M/\mathfrak{a}_i M,$$

as required. □

Extension of scalars

If $A \to B$ is an $A$-algebra and $M$ is an $A$-module, then $B \otimes_A M$ has a natural structure of a
$B$-module for which

$$b(b' \otimes m) = bb' \otimes m, \qquad b, b' \in B,\ m \in M.$$

We say that $B \otimes_A M$ is the $B$-module obtained from $M$ by extension of scalars. The map
$m \mapsto 1 \otimes m\colon M \to B \otimes_A M$ has the following universal property: it is $A$-linear, and for
every $A$-linear map $\alpha\colon M \to N$ from $M$ into a $B$-module $N$, there is a unique $B$-linear map
$\alpha'\colon B \otimes_A M \to N$ such that $\alpha'(1 \otimes m) = \alpha(m)$. Thus $\alpha \mapsto \alpha'$ defines an isomorphism

$$\mathrm{Hom}_A(M, N) \to \mathrm{Hom}_B(B \otimes_A M, N), \qquad N \text{ a } B\text{-module}.$$

For example, $A \otimes_A M = M$. If $M$ is a free $A$-module with basis $e_1, \ldots, e_m$, then $B \otimes_A M$
is a free $B$-module with basis $1 \otimes e_1, \ldots, 1 \otimes e_m$.

Tensor products of algebras 

If $f\colon A \to B$ and $g\colon A \to C$ are $A$-algebras, then $B \otimes_A C$ has a natural structure of an
$A$-algebra: the product structure is determined by the rule

$$(b \otimes c)(b' \otimes c') = bb' \otimes cc'$$

and the map $A \to B \otimes_A C$ is $a \mapsto f(a) \otimes 1 = 1 \otimes g(a)$.

For example, there is a canonical isomorphism

$$a \otimes f \mapsto af\colon K \otimes_k k[X_1, \ldots, X_m] \to K[X_1, \ldots, X_m] \qquad (4)$$

Tensor products of fields 

We are now able to compute $K \otimes_k \Omega$ if $K$ is a finite separable field extension of a field $k$
and $\Omega$ is an arbitrary field extension of $k$. According to the primitive element theorem (FT
5.1), $K = k[\alpha]$ for some $\alpha \in K$. Let $f(X)$ be the minimum polynomial of $\alpha$. By definition
this means that the map $g(X) \mapsto g(\alpha)$ determines an isomorphism

$$k[X]/(f(X)) \to K.$$

Hence

$$K \otimes_k \Omega \simeq (k[X]/(f(X))) \otimes_k \Omega \simeq \Omega[X]/(f(X))$$

by (3) and (4). Because $K$ is separable over $k$, $f(X)$ has distinct roots. Therefore $f(X)$
factors in $\Omega[X]$ into monic irreducible polynomials

$$f(X) = f_1(X) \cdots f_r(X)$$

that are relatively prime in pairs. We can apply the Chinese Remainder Theorem to deduce
that

$$\Omega[X]/(f(X)) = \prod_{i=1}^{r} \Omega[X]/(f_i(X)).$$

Finally, $\Omega[X]/(f_i(X))$ is a finite separable field extension of $\Omega$ of degree $\deg f_i$. Thus we
have proved the following result:

Theorem 1.18 Let $K$ be a finite separable field extension of $k$, and let $\Omega$ be an arbitrary
field extension. Then $K \otimes_k \Omega$ is a product of finite separable field extensions of $\Omega$,

$$K \otimes_k \Omega = \prod_{i=1}^{r} \Omega_i.$$

If $\alpha$ is a primitive element for $K/k$, then the image $\alpha_i$ of $\alpha$ in $\Omega_i$ is a primitive element for
$\Omega_i/\Omega$, and if $f(X)$ and $f_i(X)$ are the minimum polynomials for $\alpha$ and $\alpha_i$ respectively, then

$$f(X) = \prod_{i=1}^{r} f_i(X).$$


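Example 1.19 Let $K = \mathbb{Q}[\alpha]$ with $\alpha$ algebraic over $\mathbb{Q}$. Then

$$\mathbb{C} \otimes_{\mathbb{Q}} K \simeq \mathbb{C} \otimes_{\mathbb{Q}} (\mathbb{Q}[X]/(f(X))) \simeq \mathbb{C}[X]/(f(X)) \simeq \prod_{i=1}^{r} \mathbb{C}[X]/(X - \alpha_i) \approx \mathbb{C}^r.$$

Here $\alpha_1, \ldots, \alpha_r$ are the conjugates of $\alpha$ in $\mathbb{C}$. The composite of $\beta \mapsto 1 \otimes \beta\colon K \to \mathbb{C} \otimes_{\mathbb{Q}} K$
with projection onto the $i$th factor is $\sum a_j \alpha^j \mapsto \sum a_j \alpha_i^j$.

We note that it is essential to assume in (1.18) that $K$ is separable over $k$. If not, there
will be an $\alpha \in K$ such that $\alpha^p \in k$ but $\alpha \notin k$, and the ring $K \otimes_k K$ will contain an element
$\beta = (\alpha \otimes 1 - 1 \otimes \alpha) \neq 0$ such that

$$\beta^p = \alpha^p \otimes 1 - 1 \otimes \alpha^p = \alpha^p(1 \otimes 1) - \alpha^p(1 \otimes 1) = 0.$$

Hence $K \otimes_k K$ contains a nonzero nilpotent element, and so it can't be a product of fields.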

Notes Ideals were introduced and studied by Dedekind for rings of algebraic integers, and later by 
others in polynomial rings. It was not until the 1920s that the theory was placed in its most natural 
setting, that of arbitrary commutative rings (by Emil Artin and Emmy Noether). 


Exercise 

1-1 Let $A$ be an integral domain. A multiplicative subset $S$ of $A$ is said to be saturated if

$$ab \in S \Rightarrow a \text{ and } b \in S.$$

(a) Show that $S$ is saturated $\iff$ its complement is a union of prime ideals.

(b) Show that given a multiplicative system $S$, there is a unique smallest saturated
multiplicative system $S'$ containing $S$, and that $S' = A \setminus \bigcup \mathfrak{p}$, where $\mathfrak{p}$ runs over the prime
ideals disjoint from $S$. Show that $S'^{-1}A = S^{-1}A$. Deduce that $S^{-1}A$ is characterized
by the set of prime ideals of $A$ that remain prime in $S^{-1}A$.

Rings of Integers


Let $A$ be an integral domain, and let $L$ be a field containing $A$. An element $\alpha$ of $L$ is said
to be integral over $A$ if it is a root of a monic polynomial with coefficients in $A$, i.e., if it
satisfies an equation

$$\alpha^n + a_1 \alpha^{n-1} + \cdots + a_n = 0, \qquad a_i \in A.$$

Theorem 2.1 The elements of L integral over A form a ring. 

I shall give two proofs of this theorem. The first uses Newton’s theory of symmetric 
polynomials and a result of Eisenstein, and the second is Dedekind’s surprisingly modern 
proof, which avoids symmetric polynomials. 


First proof that the integral elements form a ring 

A polynomial $P(X_1, \ldots, X_r) \in A[X_1, \ldots, X_r]$ is said to be symmetric if it is unchanged when
its variables are permuted, i.e., if

$$P(X_{\sigma(1)}, \ldots, X_{\sigma(r)}) = P(X_1, \ldots, X_r), \qquad \text{all } \sigma \in \mathrm{Sym}_r.$$

For example

$$S_1 = \sum_i X_i, \quad S_2 = \sum_{i<j} X_i X_j, \quad \ldots, \quad S_r = X_1 \cdots X_r,$$

are all symmetric. These particular polynomials are called the elementary symmetric polynomials.

Theorem 2.2 (Symmetric function theorem) Let $A$ be a ring. Every symmetric polynomial
$P(X_1, \ldots, X_r)$ in $A[X_1, \ldots, X_r]$ is equal to a polynomial in the elementary symmetric
polynomials with coefficients in $A$, i.e., $P \in A[S_1, \ldots, S_r]$.

PROOF. We define an ordering on the monomials in the $X_i$ by requiring that

$$X_1^{i_1} X_2^{i_2} \cdots X_r^{i_r} > X_1^{j_1} X_2^{j_2} \cdots X_r^{j_r}$$

if either

$$i_1 + i_2 + \cdots + i_r > j_1 + j_2 + \cdots + j_r$$

or equality holds and, for some $s$,

$$i_1 = j_1, \ldots, i_s = j_s, \text{ but } i_{s+1} > j_{s+1}.$$

Let $X_1^{k_1} \cdots X_r^{k_r}$ be the highest monomial occurring in $P$ with a coefficient $c \neq 0$. Because
$P$ is symmetric, it contains all monomials obtained from $X_1^{k_1} \cdots X_r^{k_r}$ by permuting the $X$'s.
Hence $k_1 \geq k_2 \geq \cdots \geq k_r$.

Clearly, the highest monomial in $S_i$ is $X_1 \cdots X_i$, and it follows easily that the highest
monomial in $S_1^{d_1} \cdots S_r^{d_r}$ is

$$X_1^{d_1 + d_2 + \cdots + d_r} X_2^{d_2 + \cdots + d_r} \cdots X_r^{d_r}.$$

Therefore

$$P(X_1, \ldots, X_r) - c\, S_1^{k_1 - k_2} S_2^{k_2 - k_3} \cdots S_r^{k_r} < P(X_1, \ldots, X_r).$$

We can repeat this argument with the polynomial on the left, and after a finite number of
steps, we will arrive at a representation of $P$ as a polynomial in $S_1, \ldots, S_r$. □
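
The proof is constructive, and the reduction can be sketched in Python. The representation below is an assumption made for illustration: a polynomial is a dictionary sending exponent tuples $(i_1, \ldots, i_r)$ to integer coefficients, and the function names are not from the notes. The monomial order is the one defined in the proof (total degree first, then lexicographic).

```python
from itertools import combinations

def poly_mul(p, q):
    """Product of two polynomials stored as {exponent tuple: coefficient}."""
    out = {}
    for e1, c1 in p.items():
        for e2, c2 in q.items():
            e = tuple(a + b for a, b in zip(e1, e2))
            out[e] = out.get(e, 0) + c1 * c2
    return {e: c for e, c in out.items() if c != 0}

def elementary(i, r):
    """The elementary symmetric polynomial S_i in r variables."""
    return {tuple(1 if j in subset else 0 for j in range(r)): 1
            for subset in combinations(range(r), i)}

def to_elementary(p, r):
    """Write a symmetric p as {(d_1, ..., d_r): c}, meaning sum of c * S_1^d_1 ... S_r^d_r."""
    p = dict(p)
    result = {}
    while p:
        k = max(p, key=lambda e: (sum(e), e))        # highest monomial
        c = p[k]
        d = tuple(k[i] - (k[i + 1] if i + 1 < r else 0) for i in range(r))
        if min(d) < 0:
            raise ValueError("input polynomial is not symmetric")
        result[d] = c
        term = {(0,) * r: c}                         # build c * S_1^d_1 ... S_r^d_r
        for i, di in enumerate(d, start=1):
            for _ in range(di):
                term = poly_mul(term, elementary(i, r))
        for e, coeff in term.items():                # subtract it from p
            p[e] = p.get(e, 0) - coeff
            if p[e] == 0:
                del p[e]
    return result

# X1^2 + X2^2 + X3^2 = S1^2 - 2*S2
print(to_elementary({(2, 0, 0): 1, (0, 2, 0): 1, (0, 0, 2): 1}, 3))
```

Each pass removes the current highest monomial, so the loop terminates for the same reason the proof does.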

Let $f(X) = X^n + a_1 X^{n-1} + \cdots + a_n \in A[X]$, and let $\alpha_1, \ldots, \alpha_n$ be the roots of $f(X)$
in some ring containing $A$, so that $f(X) = \prod (X - \alpha_i)$ in the larger ring. Then

$$a_1 = -S_1(\alpha_1, \ldots, \alpha_n), \quad a_2 = S_2(\alpha_1, \ldots, \alpha_n), \quad \ldots, \quad a_n = \pm S_n(\alpha_1, \ldots, \alpha_n).$$

Thus the elementary symmetric polynomials in the roots of $f(X)$ lie in $A$, and so the theorem
implies that every symmetric polynomial in the roots of $f(X)$ lies in $A$.

Proposition 2.3 Let $A$ be an integral domain, and let $\Omega$ be an algebraically closed field
containing $A$. If $\alpha_1, \ldots, \alpha_n$ are the roots in $\Omega$ of a monic polynomial in $A[X]$, then every
polynomial $g(\alpha_1, \ldots, \alpha_n)$ in the $\alpha_i$ with coefficients in $A$ is a root of a monic polynomial in
$A[X]$.

Proof. Clearly

$$h(X) = \prod_{\sigma \in \mathrm{Sym}_n} \big(X - g(\alpha_{\sigma(1)}, \ldots, \alpha_{\sigma(n)})\big)$$

is a monic polynomial whose coefficients are symmetric polynomials in the $\alpha_i$, and therefore
lie in $A$. But $g(\alpha_1, \ldots, \alpha_n)$ is one of its roots. □

We now prove Theorem 2.1. Let $\alpha_1$ and $\alpha_2$ be elements of $L$ integral over $A$. There
exists a monic polynomial in $A[X]$ having both $\alpha_1$ and $\alpha_2$ as roots. We can now apply (2.3)
with $g(\alpha_1, \ldots)$ equal to $\alpha_1 \pm \alpha_2$ or $\alpha_1\alpha_2$ to deduce that these elements are integral over $A$.


Dedekind’s proof that the integral elements form a ring 

Proposition 2.4 Let $L$ be a field containing $A$. An element $\alpha$ of $L$ is integral over $A$ if
and only if there exists a nonzero finitely generated $A$-submodule $M$ of $L$ such that $\alpha M \subset M$
(in fact, we can take $M = A[\alpha]$, the $A$-subalgebra generated by $\alpha$).

Proof. $\Rightarrow$: Suppose

$$\alpha^n + a_1 \alpha^{n-1} + \cdots + a_n = 0, \qquad a_i \in A.$$

Then the $A$-submodule $M$ of $L$ generated by $1, \alpha, \ldots, \alpha^{n-1}$ has the property that $\alpha M \subset M$.

$\Leftarrow$: We shall need to apply Cramer's rule. As usually stated (in linear algebra courses)
this says that, if

$$\sum_{j=1}^{m} c_{ij} x_j = d_i, \qquad i = 1, \ldots, m,$$

then

$$x_j = \det(C_j)/\det(C)$$

where $C = (c_{ij})$ and $C_j$ is obtained from $C$ by replacing the elements of the $j$th column
with the $d_i$'s. When one restates the equation as

$$\det(C) \cdot x_j = \det(C_j)$$

it becomes true over every ring (whether or not $\det(C)$ is invertible). The proof is elementary:
essentially it is what you wind up with when you eliminate the other variables (try it for
$m = 2$). Alternatively, expand out

$$\det C_j = \begin{vmatrix} c_{11} & \cdots & \sum_j c_{1j} x_j & \cdots & c_{1m} \\ \vdots & & \vdots & & \vdots \\ c_{m1} & \cdots & \sum_j c_{mj} x_j & \cdots & c_{mm} \end{vmatrix}$$

using standard properties of determinants.

Now let $M$ be a nonzero $A$-module in $L$ such that $\alpha M \subset M$, and let $v_1, \ldots, v_n$ be a
finite set of generators for $M$. Then, for each $i$,

$$\alpha v_i = \sum_j a_{ij} v_j, \qquad \text{some } a_{ij} \in A.$$

We can rewrite this system of equations as

$$\begin{aligned}
(\alpha - a_{11}) v_1 - a_{12} v_2 - a_{13} v_3 - \cdots &= 0 \\
-a_{21} v_1 + (\alpha - a_{22}) v_2 - a_{23} v_3 - \cdots &= 0 \\
\cdots &= 0.
\end{aligned}$$

Let $C$ be the matrix of coefficients on the left-hand side. Then Cramer's rule tells us that
$\det(C) \cdot v_i = 0$ for all $i$. Since at least one $v_i$ is nonzero and we are working inside the field
$L$, this implies that $\det(C) = 0$. On expanding out the determinant, we obtain an equation

$$\alpha^n + c_1 \alpha^{n-1} + c_2 \alpha^{n-2} + \cdots + c_n = 0, \qquad c_i \in A. \qquad □$$
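
The division-free form of Cramer's rule used in this proof, $\det(C) \cdot x_j = \det(C_j)$, can be checked over $\mathbb{Z}$ on a matrix whose determinant is not a unit. The sketch below is only an illustration: the helper names and the sample matrix are arbitrary choices, and the determinant is computed by Laplace expansion so that only ring operations are used.

```python
def det(M):
    """Determinant by Laplace expansion along the first row (no division)."""
    if len(M) == 1:
        return M[0][0]
    total = 0
    for j, entry in enumerate(M[0]):
        minor = [row[:j] + row[j + 1:] for row in M[1:]]
        total += (-1) ** j * entry * det(minor)
    return total

def replace_column(C, j, d):
    """C_j: the matrix C with its j-th column replaced by the vector d."""
    return [row[:j] + [d[i]] + row[j + 1:] for i, row in enumerate(C)]

C = [[2, 1], [0, 1]]        # det(C) = 2, which is not a unit in Z
x = [3, 5]
d = [sum(c * xj for c, xj in zip(row, x)) for row in C]   # d = C x

for j in range(len(x)):
    # det(C) * x_j == det(C_j) holds without dividing by det(C)
    print(det(C) * x[j], det(replace_column(C, j, d)))
```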


We now prove Theorem 2.1. Let $\alpha$ and $\beta$ be two elements of $L$ integral over $A$, and let
$M$ and $N$ be finitely generated $A$-modules in $L$ such that $\alpha M \subset M$ and $\beta N \subset N$. Define

$$MN = \Big\{\sum m_i n_i \mid m_i \in M,\ n_i \in N\Big\}.$$

Then:

(a) $MN$ is an $A$-submodule of $L$ (easy);

(b) it is finitely generated because, if $\{e_1, \ldots, e_m\}$ generates $M$ and $\{f_1, \ldots, f_n\}$ generates
$N$, then $\{e_1 f_1, \ldots, e_i f_j, \ldots, e_m f_n\}$ generates $MN$;

(c) it is stable under multiplication by $\alpha\beta$ and by $\alpha \pm \beta$.

We can now apply (2.4) to deduce that $\alpha\beta$ and $\alpha \pm \beta$ are integral over $A$.
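
As a worked instance of this argument, take $A = \mathbb{Z}$, $\alpha = \sqrt{2}$, $\beta = \sqrt{3}$, $M = \mathbb{Z}[\sqrt{2}]$ and $N = \mathbb{Z}[\sqrt{3}]$, so that $MN$ is generated by $1, \sqrt{2}, \sqrt{3}, \sqrt{6}$. The Python sketch below writes down the matrix $(a_{ij})$ of multiplication by $\alpha + \beta$ on these generators and expands $\det(X \cdot I - (a_{ij}))$, which is the determinant from the proof of (2.4). The example and the use of the Faddeev-LeVerrier recursion to expand the determinant are choices made here for illustration; they are not from the notes.

```python
def mat_mul(A, B):
    return [[sum(a * b for a, b in zip(row, col)) for col in zip(*B)] for row in A]

def char_poly(A):
    """Coefficients [1, c_1, ..., c_n] of det(X*I - A) for an integer matrix A,
    computed with the Faddeev-LeVerrier recursion (the divisions are exact)."""
    n = len(A)
    coeffs = [1]
    M = [[0] * n for _ in range(n)]
    for k in range(1, n + 1):
        # M_k = A*M_{k-1} + c_{k-1}*I, then c_k = -trace(A*M_k)/k
        AM = mat_mul(A, M)
        M = [[AM[i][j] + (coeffs[-1] if i == j else 0) for j in range(n)]
             for i in range(n)]
        AMk = mat_mul(A, M)
        trace = sum(AMk[i][i] for i in range(n))
        coeffs.append(-trace // k)
    return coeffs

# Row i gives (sqrt2 + sqrt3) * v_i in terms of v = (1, sqrt2, sqrt3, sqrt6).
T = [[0, 1, 1, 0],    # (sqrt2 + sqrt3) * 1     = sqrt2 + sqrt3
     [2, 0, 0, 1],    # (sqrt2 + sqrt3) * sqrt2 = 2 + sqrt6
     [3, 0, 0, 1],    # (sqrt2 + sqrt3) * sqrt3 = 3 + sqrt6
     [0, 3, 2, 0]]    # (sqrt2 + sqrt3) * sqrt6 = 3*sqrt2 + 2*sqrt3

print(char_poly(T))   # [1, 0, -10, 0, 1], i.e. X^4 - 10 X^2 + 1
```

So $\sqrt{2} + \sqrt{3}$ is a root of the monic integer polynomial $X^4 - 10X^2 + 1$, as the theorem predicts.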
Integral elements

Definition 2.5 The ring of elements of $L$ integral over $A$ is called the integral closure
of $A$ in $L$. The integral closure of $\mathbb{Z}$ in an algebraic number field $L$ is called the ring of
integers $\mathcal{O}_L$ in $L$.

Next we want to see that $L$ is the field of fractions of $\mathcal{O}_L$; in fact we can prove more.

Proposition 2.6 Let $K$ be the field of fractions of $A$, and let $L$ be a field containing $K$. If
$\alpha \in L$ is algebraic over $K$, then there exists a nonzero $d \in A$ such that $d\alpha$ is integral over $A$.

PROOF. By assumption, $\alpha$ satisfies an equation

$$\alpha^m + a_1 \alpha^{m-1} + \cdots + a_m = 0, \qquad a_i \in K.$$

Let $d$ be a common denominator for the $a_i$, so that $d a_i \in A$ for all $i$, and multiply through
the equation by $d^m$:

$$d^m \alpha^m + a_1 d^m \alpha^{m-1} + \cdots + a_m d^m = 0.$$

We can rewrite this as

$$(d\alpha)^m + a_1 d (d\alpha)^{m-1} + \cdots + a_m d^m = 0.$$

As $a_1 d, \ldots, a_m d^m \in A$, this shows that $d\alpha$ is integral over $A$. □
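
For $A = \mathbb{Z}$ and $K = \mathbb{Q}$ the proof amounts to a short computation, sketched here in Python. The function name and the sample polynomial are illustrative, and `math.lcm` assumes Python 3.9 or later.

```python
from fractions import Fraction
from math import lcm   # available from Python 3.9

def clear_denominators(coeffs):
    """Given [a_1, ..., a_m], the non-leading coefficients of the monic polynomial
    X^m + a_1 X^(m-1) + ... + a_m over Q satisfied by alpha, return (d, [a_1*d, ..., a_m*d^m]):
    a common denominator d and the integer coefficients of a monic polynomial
    satisfied by d*alpha."""
    coeffs = [Fraction(a) for a in coeffs]
    d = lcm(*(a.denominator for a in coeffs))
    scaled = [a * d ** i for i, a in enumerate(coeffs, start=1)]
    return d, [int(s) for s in scaled]

# alpha a root of X^2 + (1/2) X - 3/4; then 4*alpha is a root of Y^2 + 2 Y - 12.
print(clear_denominators([Fraction(1, 2), Fraction(-3, 4)]))
```

Here the roots are $\alpha = (-1 \pm \sqrt{13})/4$, and $4\alpha = -1 \pm \sqrt{13}$ does satisfy $Y^2 + 2Y - 12 = 0$.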

COROLLARY 2.7 Let $A$ be an integral domain with field of fractions $K$, and let $B$ be the
integral closure of $A$ in a field $L$ containing $K$. If $L$ is algebraic over $K$, then it is the field
of fractions of $B$.

PROOF. The proposition shows that every $\alpha \in L$ can be written $\alpha = \beta/d$ with $\beta \in B$,
$d \in A$. □

Definition 2.8 A ring $A$ is integrally closed if it is its own integral closure in its field of
fractions $K$, i.e., if

$$\alpha \in K,\ \alpha \text{ integral over } A \Rightarrow \alpha \in A.$$

Proposition 2.9 A unique factorization domain, for example, a principal ideal domain, is
integrally closed.

PROOF. Let $A$ be a unique factorization domain, and let $a/b$, with $a, b \in A$, be an element
of the field of fractions of $A$ integral over $A$. If $b$ is a unit, then $a/b \in A$. Otherwise we may
suppose that there is an irreducible element $\pi$ of $A$ dividing $b$ but not $a$. As $a/b$ is integral
over $A$, it satisfies an equation

$$(a/b)^n + a_1 (a/b)^{n-1} + \cdots + a_n = 0, \qquad a_i \in A.$$

On multiplying through by $b^n$, we obtain the equation

$$a^n + a_1 a^{n-1} b + \cdots + a_n b^n = 0.$$

The element $\pi$ then divides every term on the left except $a^n$, and hence must divide $a^n$.
Since it doesn't divide $a$, this is a contradiction. □

The proposition makes it easy to give examples of rings where unique factorization fails:
take any ring which is not integrally closed, for example, $\mathbb{Z}[\sqrt{5}]$.

Example 2.10 (a) The rings $\mathbb{Z}$ and $\mathbb{Z}[i]$ are integrally closed because both are principal
ideal domains.

(b) Unique factorization fails in $\mathbb{Z}[\sqrt{-3}]$ because

$$4 = 2 \times 2 = (1 + \sqrt{-3})(1 - \sqrt{-3}),$$

and the four factors are all irreducible because they have the minimum norm 4. However,
$\mathbb{Z}[\sqrt{-3}] \subset \mathbb{Z}[\sqrt[3]{1}]$, which is a principal ideal domain (and hence the integral closure of $\mathbb{Z}$ in
$\mathbb{Q}[\sqrt{-3}] = \mathbb{Q}[\sqrt[3]{1}]$).

(c) For every field $k$, I claim that the integral closure of $k[S_1, \ldots, S_m]$ in $k(X_1, \ldots, X_m)$
is $k[X_1, \ldots, X_m]$ (here the $S_i$ are the elementary symmetric polynomials).

Let $f \in k(X_1, \ldots, X_m)$ be integral over $k[S_1, \ldots, S_m]$. Then $f$ is integral over $k[X_1, \ldots, X_m]$,
which is a unique factorization domain, and hence is integrally closed in its field of fractions.
Thus $f \in k[X_1, \ldots, X_m]$.

Conversely, let $f \in k[X_1, \ldots, X_m]$. Then $f$ is a root of the monic polynomial

$$\prod_{\sigma \in \mathrm{Sym}_m} \big(T - f(X_{\sigma(1)}, \ldots, X_{\sigma(m)})\big).$$

The coefficients of this polynomial are symmetric polynomials in the $X_i$, and therefore (see
2.2) lie in $k[S_1, \ldots, S_m]$.
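
The norm argument in part (b) of Example 2.10 can be checked by a small search. The sketch assumes the usual norm $a^2 + 3b^2$ of $a + b\sqrt{-3}$, under which the units are the elements of norm 1; the function names are illustrative. A nontrivial factorization of an element of norm 4 would need two factors of norm 2, and the search shows there are none.

```python
def norm(a, b):
    """Norm of a + b*sqrt(-3)."""
    return a * a + 3 * b * b

def mul(x, y):
    """Product of x = a + b*sqrt(-3) and y = c + e*sqrt(-3), as coefficient pairs."""
    (a, b), (c, e) = x, y
    return (a * c - 3 * b * e, a * e + b * c)

def elements_of_norm(n):
    """All (a, b) with a^2 + 3b^2 == n; such a and b satisfy |a|, |b| <= sqrt(n)."""
    r = int(n ** 0.5) + 1
    return [(a, b) for a in range(-r, r + 1) for b in range(-r, r + 1)
            if norm(a, b) == n]

print(elements_of_norm(2))      # [] : no element of norm 2
print(elements_of_norm(4))      # the elements 2, -2 and the four elements +-1 +- sqrt(-3)
print(mul((1, 1), (1, -1)))     # (4, 0): (1 + sqrt(-3)) * (1 - sqrt(-3)) = 4
```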

Proposition 2.11 Let $K$ be the field of fractions of $A$, and let $L$ be an extension of $K$ of
finite degree. Assume $A$ is integrally closed. An element $\alpha$ of $L$ is integral over $A$ if and
only if its minimum polynomial over $K$ has coefficients in $A$.

PROOF. Let $\alpha$ be an element of $L$ integral over $A$, so that

$$\alpha^m + a_1 \alpha^{m-1} + \cdots + a_m = 0, \qquad \text{some } a_i \in A.$$

Let $f(X)$ be the minimum polynomial of $\alpha$ over $K$. For any root $\alpha'$ of $f(X)$, the fields $K[\alpha]$
and $K[\alpha']$ are both stem fields for $f$ (see FT p. 17), and so there exists a $K$-isomorphism

$$\sigma\colon K[\alpha] \to K[\alpha'], \qquad \sigma(\alpha) = \alpha'.$$

On applying $\sigma$ to the above equation we obtain the equation

$$\alpha'^m + a_1 \alpha'^{m-1} + \cdots + a_m = 0,$$

which shows that $\alpha'$ is integral over $A$. Hence all the roots of $f(X)$ are integral over $A$, and
it follows that the coefficients of $f(X)$ are integral over $A$ (by 2.1). They lie in $K$, and $A$ is
integrally closed, and so they lie in $A$. This proves the "only if" part of the statement, and
the "if" part is obvious. □

Remark 2.12 As we noted in the introduction, this makes it easy to compute some rings
of integers. For example, an element $\alpha \in \mathbb{Q}[\sqrt{d}]$ is integral over $\mathbb{Z}$ if and only if its trace
and norm both lie in $\mathbb{Z}$.
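
The criterion of Remark 2.12 is easy to try out. The Python sketch below assumes that $d$ is a nonsquare integer and writes $\alpha = a + b\sqrt{d}$ with rational $a, b$, so that the trace is $2a$ and the norm is $a^2 - db^2$; the function names are illustrative.

```python
from fractions import Fraction

def trace_norm(a, b, d):
    """Trace and norm over Q of a + b*sqrt(d), for a nonsquare integer d."""
    a, b = Fraction(a), Fraction(b)
    return 2 * a, a * a - d * b * b

def is_integral(a, b, d):
    """Remark 2.12: integral over Z iff trace and norm are both integers."""
    t, n = trace_norm(a, b, d)
    return t.denominator == 1 and n.denominator == 1

half = Fraction(1, 2)
print(is_integral(half, half, 5))   # True:  (1 + sqrt 5)/2 has trace 1 and norm -1
print(is_integral(half, half, 3))   # False: (1 + sqrt 3)/2 has norm -1/2
```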
Proposition 2.13 If $B$ is integral over $A$ and finitely generated as an $A$-algebra, then it is
finitely generated as an $A$-module.

PROOF. First consider the case that $B$ is generated as an $A$-algebra by a single element, say
$B = A[\beta]$. By assumption

$$\beta^n + a_1 \beta^{n-1} + \cdots + a_n = 0, \qquad \text{some } a_i \in A.$$

Every element of $B$ can be expressed as a finite sum

$$c_0 + c_1 \beta + c_2 \beta^2 + \cdots + c_N \beta^N, \qquad c_i \in A,$$

and we can exploit the preceding equality to replace $\beta^n$ (successively) with a linear
combination of lower powers of $\beta$. Thus every element of $B$ can be expressed as a finite
sum

$$c_0 + c_1 \beta + c_2 \beta^2 + \cdots + c_{n-1} \beta^{n-1}, \qquad c_i \in A,$$

and so $1, \beta, \beta^2, \ldots, \beta^{n-1}$ generate $B$ as an $A$-module. In order to pass to the general case,
we need a lemma. □

Lemma 2.14 Let $A \subset B \subset C$ be rings. If $B$ is finitely generated as an $A$-module, and $C$ is
finitely generated as a $B$-module, then $C$ is finitely generated as an $A$-module.

PROOF. If $\{\beta_1, \ldots, \beta_m\}$ is a set of generators for $B$ as an $A$-module, and $\{\gamma_1, \ldots, \gamma_n\}$ is a set
of generators for $C$ as a $B$-module, then $\{\beta_i \gamma_j\}$ is a set of generators for $C$ as an $A$-module. □

We now complete the proof of (2.13). Let $\beta_1, \ldots, \beta_m$ generate $B$ as an $A$-algebra, and
consider

$$A \subset A[\beta_1] \subset A[\beta_1, \beta_2] \subset \cdots \subset A[\beta_1, \ldots, \beta_m] = B.$$

We saw above that $A[\beta_1]$ is finitely generated as an $A$-module. Since $A[\beta_1, \beta_2] = A[\beta_1][\beta_2]$,
and $\beta_2$ is integral over $A[\beta_1]$ (because it is over $A$), the same observation shows that
$A[\beta_1, \beta_2]$ is finitely generated as an $A[\beta_1]$-module. Now the lemma shows that $A[\beta_1, \beta_2]$
is finitely generated as an $A$-module. Continuing in this fashion, we find that $B$ is finitely
generated as an $A$-module.

Proposition 2.15 Consider integral domains $A \subset B \subset C$; if $B$ is integral over $A$, and $C$
is integral over $B$, then $C$ is integral over $A$.

PROOF. Let $\gamma \in C$; it satisfies an equation

$$\gamma^n + b_1 \gamma^{n-1} + \cdots + b_n = 0, \qquad b_i \in B.$$

Let $B' = A[b_1, \ldots, b_n]$. Then $B'$ is finitely generated as an $A$-module (by the last proposition),
and $\gamma$ is integral over $B'$ (by our choice of the $b_i$), and so $B'[\gamma]$ is finitely generated as an
$A$-module. Since $\gamma B'[\gamma] \subset B'[\gamma]$, Proposition 2.4 shows that $\gamma$ is integral over $A$. □

Corollary 2.16 The integral closure of $A$ in an algebraic extension $L$ of its field of
fractions is integrally closed.

PROOF. Let $B$ be the integral closure of $A$ in $L$, and let $C$ be the integral closure of $B$ in $L$.
Then $C$ is integral over $A$, and so $C \subset B$. □

Remark 2.17 In particular, the ring of integers in a number field is integrally closed.
Clearly we want this, since we want our ring of integers to have the best chance of being a
unique factorization domain (see 2.9).

Example 2.18 Let $k$ be a finite field, and let $K$ be a finite extension of $k(X)$. Let $\mathcal{O}_K$ be
the integral closure of $k[X]$ in $K$. The arithmetic of $\mathcal{O}_K$ is very similar to that of the ring of
integers in a number field.


Review of bases of A-modules

Let $M$ be an $A$-module. Recall that a set of elements $e_1, \ldots, e_n$ is a basis for $M$ if

(a) $\sum a_i e_i = 0$, $a_i \in A$ $\Rightarrow$ all $a_i = 0$, and

(b) every element $x$ of $M$ can be expressed in the form $x = \sum a_i e_i$, $a_i \in A$.

Let $\{e_1, \ldots, e_n\}$ be a basis for $M$, and let $\{f_1, \ldots, f_n\}$ be a second set of $n$ elements in $M$.
Then we can write $f_i = \sum a_{ij} e_j$, $a_{ij} \in A$, and the $f_i$ also form a basis if and only if the matrix
$(a_{ij})$ is invertible in the ring $M_n(A)$ of $n \times n$ matrices with coefficients in $A$ (this is obvious).
Moreover $(a_{ij})$ is invertible in $M_n(A)$ if and only if its determinant is a unit in $A$, and in
this case, the inverse is given by the usual formula:

$$(a_{ij})^{-1} = \mathrm{adj}(a_{ij}) \cdot \det(a_{ij})^{-1}.$$

In the case that $A = \mathbb{Z}$, the index of $N \overset{\text{def}}{=} \mathbb{Z}f_1 + \mathbb{Z}f_2 + \cdots + \mathbb{Z}f_n$ in $M$ is $|\det(a_{ij})|$ (assuming
this is nonzero). To prove this, recall from basic graduate algebra that we can choose bases
$\{e'_i\}$ for $M$ and $\{f'_i\}$ for $N$ such that $f'_i = m_i e'_i$, $m_i \in \mathbb{Z}$, $m_i > 0$. If $(e'_i) = U \cdot (e_i)$ and
$(f'_i) = V \cdot (f_i)$, then $(f_i) = V^{-1} D U (e_i)$ where $D = \mathrm{diag}(m_1, \ldots, m_n)$, and

$$\det(V^{-1} D U) = \det(V^{-1}) \cdot \det(D) \cdot \det(U) = \prod m_i = (M : N).$$
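
The statement $(M : N) = |\det(a_{ij})|$ can be tested by brute force for $M = \mathbb{Z}^2$. The sketch below counts cosets directly instead of using the determinant. It relies on the fact that $\det \cdot \mathbb{Z}^2 \subset N$, so every coset has a representative in the box $[0, |\det|)^2$. The function names and the sample vectors are illustrative.

```python
def in_sublattice(p, f1, f2):
    """Is p an integer combination of f1 and f2 (all vectors in Z^2, det nonzero)?"""
    (a, b), (c, d) = f1, f2
    det = a * d - b * c
    u, v = p
    # Solving p = x*f1 + y*f2 gives x = (u*d - v*c)/det and y = (v*a - u*b)/det.
    return (u * d - v * c) % det == 0 and (v * a - u * b) % det == 0

def index(f1, f2):
    """Number of cosets of N = Z*f1 + Z*f2 in Z^2, counted by brute force."""
    (a, b), (c, d) = f1, f2
    n = abs(a * d - b * c)
    reps = []
    for u in range(n):
        for v in range(n):
            if not any(in_sublattice((u - r[0], v - r[1]), f1, f2) for r in reps):
                reps.append((u, v))
    return len(reps)

print(index((2, 1), (0, 3)))   # 6, and det [[2, 1], [0, 3]] = 6
print(index((1, 2), (3, 4)))   # 2, and det [[1, 2], [3, 4]] = -2
```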


Review of norms and traces 

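Let $A \subset B$ be rings such that $B$ is a free $A$-module of rank $n$. Then every $\beta \in B$ defines an
$A$-linear map

$$x \mapsto \beta x\colon B \to B,$$

and the trace and determinant of this map are well-defined. We call them the trace $\mathrm{Tr}_{B/A}\,\beta$
and norm $\mathrm{Nm}_{B/A}\,\beta$ of $\beta$ in the extension $B/A$. Thus if $\{e_1, \ldots, e_n\}$ is a basis for $B$ over $A$,
and $\beta e_i = \sum a_{ij} e_j$, then $\mathrm{Tr}_{B/A}(\beta) = \sum a_{ii}$ and $\mathrm{Nm}_{B/A}(\beta) = \det(a_{ij})$. When $B \supset A$ is a
finite field extension, this agrees with the usual definition. The following hold (for $a \in A$,
$\beta, \beta' \in B$):

    $\mathrm{Tr}(\beta + \beta') = \mathrm{Tr}(\beta) + \mathrm{Tr}(\beta')$        $\mathrm{Nm}(\beta\beta') = \mathrm{Nm}(\beta) \cdot \mathrm{Nm}(\beta')$
    $\mathrm{Tr}(a\beta) = a\,\mathrm{Tr}(\beta)$                              $\mathrm{Nm}(a) = a^n$
    $\mathrm{Tr}(a) = na$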
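
These definitions can be tried out on a concrete free module. The sketch below takes $A = \mathbb{Z}$ and $B = \mathbb{Z}[t]/(t^3 - 2)$ with basis $1, t, t^2$; this example and the function names are choices made here for illustration. It builds the matrix of $x \mapsto \beta x$ and reads off the trace and norm.

```python
def mult_matrix(a, b, c):
    """Matrix (a_ij) of x -> beta*x on the basis 1, t, t^2 of Z[t]/(t^3 - 2),
    where beta = a + b*t + c*t^2; row i holds the coordinates of beta * e_i."""
    return [[a, b, c],
            [2 * c, a, b],
            [2 * b, 2 * c, a]]

def trace(M):
    return sum(M[i][i] for i in range(len(M)))

def det3(M):
    (a, b, c), (d, e, f), (g, h, i) = M
    return a * (e * i - f * h) - b * (d * i - f * g) + c * (d * h - e * g)

def multiply(x, y):
    """Product in Z[t]/(t^3 - 2) of coefficient triples, using t^3 = 2 and t^4 = 2t."""
    (a, b, c), (p, q, r) = x, y
    return (a * p + 2 * (b * r + c * q), a * q + b * p + 2 * c * r, a * r + b * q + c * p)

beta, gamma = (1, 1, 0), (0, 1, 0)                 # 1 + t and t
print(trace(mult_matrix(*beta)), det3(mult_matrix(*beta)))      # trace 3, norm 3
print(det3(mult_matrix(*multiply(beta, gamma))))                # 6 = Nm(1 + t) * Nm(t)
```

The last line illustrates $\mathrm{Nm}(\beta\beta') = \mathrm{Nm}(\beta) \cdot \mathrm{Nm}(\beta')$, and taking $\beta = a$ constant gives $\mathrm{Tr}(a) = 3a$ and $\mathrm{Nm}(a) = a^3$.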

Proposition 2.19 Let $L/K$ be an extension of fields of degree $n$, and let $\beta \in L$. Let
$f(X)$ be the minimum polynomial of $\beta$ over $K$ and let $\beta_1 = \beta, \beta_2, \ldots, \beta_m$ be the roots of
$f(X)$. Then

$$\mathrm{Tr}_{L/K}(\beta) = r(\beta_1 + \cdots + \beta_m), \qquad \mathrm{Nm}_{L/K}(\beta) = (\beta_1 \cdots \beta_m)^r$$

where $r = [L : K[\beta]] = n/m$.





PROOF. Suppose first that $L = K[\beta]$, and compute the matrix of $x \mapsto \beta x$ relative to the
basis $\{1, \beta, \ldots, \beta^{n-1}\}$: one sees easily that it has trace $\sum \beta_i$ and determinant $\prod \beta_i$. For
the general case, use the transitivity of norms and traces (see FT 5.48). □

Corollary 2.20 Assume $L$ is separable of degree $n$ over $K$, and let $\{\sigma_1, \ldots, \sigma_n\}$ be the
set of distinct $K$-homomorphisms $L \to \Omega$ where $\Omega$ is some big Galois extension of $K$ (e.g.,
the Galois closure of $L$ over $K$). Then

$$\mathrm{Tr}_{L/K}(\beta) = \sigma_1\beta + \cdots + \sigma_n\beta, \qquad \mathrm{Nm}_{L/K}(\beta) = \sigma_1\beta \cdots \sigma_n\beta.$$

Proof. Each $\beta_i$ occurs exactly $r$ times in the family $\{\sigma_i \beta\}$. □

Corollary 2.21 Let $A$ be an integrally closed integral domain, and let $L$ be a finite
extension of the field of fractions $K$ of $A$; if $\beta \in L$ is integral over $A$, then $\mathrm{Tr}_{L/K}(\beta)$ and
$\mathrm{Nm}_{L/K}(\beta)$ are in $A$.

PROOF. We know that if $\beta$ is integral, then so also is each of its conjugates. Alternatively,
apply 2.11. □

Aside 2.22 Let $L = K[\alpha]$, and let $\alpha_1 = \alpha, \alpha_2, \ldots, \alpha_n$ be the conjugates of $\alpha$ (in some Galois
extension of $K$ containing $L$). For any $\beta = g(\alpha)$ in $L$,

$$\mathrm{Nm}_{L/K}(\beta) = \prod_{i=1}^{n} g(\alpha_i), \qquad \mathrm{Tr}_{L/K}(\beta) = \sum_{i=1}^{n} g(\alpha_i).$$

This is a restatement of (2.20), and is Dedekind's original definition (Dedekind 1877, §17).


Review of bilinear forms 

Let $V$ be a finite-dimensional vector space over a field $K$. Recall that a bilinear form on $V$
is a $K$-bilinear map

$$\psi\colon V \times V \to K.$$

Such a form is symmetric if $\psi(x, y) = \psi(y, x)$ for all $x, y \in V$. The discriminant of a
bilinear form $\psi$ relative to a basis $\{e_1, \ldots, e_m\}$ of $V$ is $\det(\psi(e_i, e_j))$. If $\{f_1, \ldots, f_m\}$ is a set
of elements of $V$, and $f_j = \sum_i a_{ji} e_i$, then

$$\psi(f_k, f_l) = \sum_{i,j} \psi(a_{ki} e_i, a_{lj} e_j) = \sum_{i,j} a_{ki} \cdot \psi(e_i, e_j) \cdot a_{lj},$$

and so

$$(\psi(f_k, f_l)) = A \cdot (\psi(e_i, e_j)) \cdot A^{\mathrm{tr}}$$

(equality of $m \times m$ matrices) where $A$ is the matrix $(a_{ij})$. Hence

$$\det(\psi(f_i, f_j)) = \det(A)^2 \cdot \det(\psi(e_i, e_j)) \qquad (5)$$

The form $\psi$ is said to be nondegenerate if it satisfies each of the following equivalent
conditions:

(a) $\psi$ has a nonzero discriminant relative to one (hence every) basis of $V$;

(b) the left kernel $\{v \in V \mid \psi(v, x) = 0 \text{ for all } x \in V\}$ is zero;

(c) the right kernel of $\psi$ is zero.

Thus if $\psi$ is nondegenerate, the map $v \mapsto (x \mapsto \psi(v, x))$ from $V$ to the dual vector space
$V^\vee = \mathrm{Hom}(V, K)$ is an isomorphism. Let $\{e_1, \ldots, e_m\}$ be a basis for $V$, and let $f_1, \ldots, f_m$
be the dual basis in $V^\vee$, i.e., $f_i(e_j) = \delta_{ij}$ (Kronecker delta). We can use the isomorphism
$V \to V^\vee$ given by a nondegenerate form $\psi$ to transfer $\{f_1, \ldots, f_m\}$ to a basis $\{e'_1, \ldots, e'_m\}$ of
$V$; it has the property that

$$\psi(e'_i, e_j) = \delta_{ij}.$$

For example, suppose $\{e_1, \ldots, e_m\}$ is a basis such that $(\psi(e_i, e_j))$ is a diagonal matrix (the
Gram-Schmidt process always allows us to find such a basis when the form is symmetric);
then $e'_i = e_i/\psi(e_i, e_i)$.


Discriminants 

If $L$ is a finite extension of $K$ ($L$ and $K$ fields), then

$$(\alpha, \beta) \mapsto \mathrm{Tr}_{L/K}(\alpha\beta)\colon L \times L \to K$$

is a symmetric bilinear form on $L$ regarded as a vector space over $K$, and the discriminant
of this form is called the discriminant of $L/K$.

More generally, let $B \supset A$ be rings, and assume $B$ is free of rank $m$ as an $A$-module.
Let $\beta_1, \ldots, \beta_m$ be elements of $B$. We define their discriminant to be

$$D(\beta_1, \ldots, \beta_m) = \det(\mathrm{Tr}_{B/A}(\beta_i \beta_j)).$$

Lemma 2.23 If $\gamma_j = \sum_i a_{ji} \beta_i$, $a_{ji} \in A$, then

$$D(\gamma_1, \ldots, \gamma_m) = \det(a_{ij})^2 \cdot D(\beta_1, \ldots, \beta_m).$$

Proof. See the proof of (5). □

If the $\beta$'s and $\gamma$'s each form a basis for $B$ over $A$, then $\det(a_{ij})$ is a unit (see p. 31). Thus the
discriminant $D(\beta_1, \ldots, \beta_m)$ of a basis $\{\beta_1, \ldots, \beta_m\}$ of $B$ is well-defined up to multiplication
by the square of a unit in $A$. In particular, the ideal in $A$ that it generates is independent of
the choice of the basis. This ideal, or $D(\beta_1, \ldots, \beta_m)$ itself regarded as an element of $A/A^{\times 2}$,
is called the discriminant $\mathrm{disc}(B/A)$ of $B$ over $A$.

For example, when we have a finite extension of fields $L/K$, $\mathrm{disc}(L/K)$ is an element
of $K$, well-defined up to multiplication by a nonzero square in $K$.

When $A = \mathbb{Z}$, $\mathrm{disc}(B/A)$ is a well-defined integer, because 1 is the only square of a unit
in $\mathbb{Z}$.

Warning: We shall see shortly that, when $K$ is a number field of degree $m$ over $\mathbb{Q}$, the
ring of integers $\mathcal{O}_K$ in $K$ is free of rank $m$ over $\mathbb{Z}$, and so $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z})$ is a well-defined
integer. Sometimes this is loosely referred to as the discriminant of $K/\mathbb{Q}$; strictly speaking,
$\mathrm{disc}(K/\mathbb{Q})$ is the element of $\mathbb{Q}^\times/\mathbb{Q}^{\times 2}$ represented by the integer $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z})$.

Proposition 2.24 Let $A \subset B$ be integral domains and assume that $B$ is a free $A$-module
of rank $m$ and that $\mathrm{disc}(B/A) \neq 0$. Elements $\gamma_1, \ldots, \gamma_m$ form a basis for $B$ as an $A$-module
if and only if

$$(D(\gamma_1, \ldots, \gamma_m)) = (\mathrm{disc}(B/A)) \quad \text{(as ideals in } A\text{)}.$$

PROOF. Let $\{\beta_1, \ldots, \beta_m\}$ be a basis for $B$ as an $A$-module, and let $\gamma_1, \ldots, \gamma_m$ be any elements
of $B$. Write $\gamma_j = \sum a_{ji} \beta_i$, $a_{ji} \in A$. Then

$$D(\gamma_1, \ldots, \gamma_m) \overset{(2.23)}{=} \det(a_{ij})^2 \cdot D(\beta_1, \ldots, \beta_m),$$

and, as we noted earlier, $\{\gamma_1, \ldots, \gamma_m\}$ is a basis if and only if $\det(a_{ij})$ is a unit. □

Remark 2.25 Take $A = \mathbb{Z}$ in (2.24). Elements $\gamma_1,\gamma_2,\ldots,\gamma_m$ generate a submodule $N$ of finite index in $B$ if and only if $D(\gamma_1,\ldots,\gamma_m) \ne 0$, in which case

$$D(\gamma_1,\ldots,\gamma_m) = (B:N)^2 \cdot \mathrm{disc}(B/\mathbb{Z}).$$

To prove this, choose a basis $\beta_1,\ldots,\beta_m$ for $B$ as a $\mathbb{Z}$-module, and write $\gamma_j = \sum_i a_{ji}\beta_i$. Then both sides equal $\det(a_{ij})^2 \cdot D(\beta_1,\ldots,\beta_m)$.
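The index formula is easy to test numerically. The following is a minimal sketch, not part of the notes: it takes the ring of Gaussian integers $\mathbb{Z}[i]$ as $B$ (an assumption made only for illustration), represents $x + yi$ as the pair `(x, y)`, and compares the discriminant of a pair of elements with the square of the index of the lattice they span. The function names are mine.

```python
def mul(u, v):
    """Multiply x1 + y1*i and x2 + y2*i in Z[i]."""
    (x1, y1), (x2, y2) = u, v
    return (x1 * x2 - y1 * y2, x1 * y2 + x2 * y1)

def trace(u):
    """Trace of x + y*i from Q(i) to Q: the sum of the two conjugates."""
    return 2 * u[0]

def discriminant(g1, g2):
    """D(g1, g2) = det(Tr(g_i * g_j)) for two elements of Z[i]."""
    t11 = trace(mul(g1, g1))
    t12 = trace(mul(g1, g2))
    t22 = trace(mul(g2, g2))
    return t11 * t22 - t12 * t12

def index(g1, g2):
    """Index (Z[i] : N) of the lattice N spanned by g1 and g2 (0 if the rank is < 2)."""
    return abs(g1[0] * g2[1] - g1[1] * g2[0])

disc_B = discriminant((1, 0), (0, 1))   # discriminant of the basis {1, i}: -4
g1, g2 = (2, 1), (1, 3)                 # the elements 2 + i and 1 + 3i
print(discriminant(g1, g2), index(g1, g2) ** 2 * disc_B)   # both are -100
```

Here the lattice spanned by $2+i$ and $1+3i$ has index 5, and $-100 = 5^2 \cdot (-4)$, as the remark predicts. Two dependent elements give discriminant 0.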

Proposition 2.26 Let $L$ be a finite separable extension of the field $K$ of degree $m$, and let $\sigma_1,\ldots,\sigma_m$ be the distinct $K$-homomorphisms of $L$ into some large Galois extension $\Omega$ of $L$. Then, for every basis $\beta_1,\ldots,\beta_m$ of $L$ over $K$,

$$D(\beta_1,\ldots,\beta_m) = \det(\sigma_i\beta_j)^2 \ne 0.$$

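PROOF. By direct calculation, we have

$$\begin{aligned}
D(\beta_1,\ldots,\beta_m) &= \det(\mathrm{Tr}(\beta_i\beta_j)) \\
&= \det\big(\textstyle\sum_k \sigma_k(\beta_i\beta_j)\big) \quad \text{(by 2.20)} \\
&= \det\big(\textstyle\sum_k \sigma_k(\beta_i)\cdot\sigma_k(\beta_j)\big) \\
&= \det(\sigma_k(\beta_i)) \cdot \det(\sigma_k(\beta_j)) \\
&= \det(\sigma_k(\beta_i))^2.
\end{aligned}$$

Suppose that $\det(\sigma_i\beta_j) = 0$. Then there exist $c_1,\ldots,c_m \in \Omega$, not all zero, such that

$$\sum_i c_i\sigma_i(\beta_j) = 0 \quad \text{for all } j.$$

By linearity, it follows that $\sum_i c_i\sigma_i(\beta) = 0$ for all $\beta \in L$, but this contradicts Dedekind's theorem on the independence of characters (apply it with $G = L^\times$): Let $G$ be a group and $\Omega$ a field, and let $\sigma_1,\ldots,\sigma_m$ be distinct homomorphisms $G \to \Omega^\times$; then $\sigma_1,\ldots,\sigma_m$ are linearly independent over $\Omega$, i.e., there do not exist $c_i \in \Omega$, not all zero, such that $x \mapsto \sum_i c_i\sigma_i(x)\colon G \to \Omega$ is the zero map (FT 5.14). □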

Corollary 2.27 Let K be the field of fractions of A, and let L be a finite separable 
extension of K of degree m. If the integral closure B of A in L is free of rank m over A, 
then $\mathrm{disc}(B/A) \ne 0$.

PROOF. If $\{\beta_1,\ldots,\beta_m\}$ is a basis for $B$ as an $A$-module, then it follows easily from (2.6) that it is also a basis for $L$ as a $K$-vector space. Hence $\mathrm{disc}(B/A)$ represents $\mathrm{disc}(L/K)$. □

Remark 2.28 (a) The proposition shows that the $K$-bilinear pairing

$$(\beta,\beta') \mapsto \mathrm{Tr}(\beta\cdot\beta')\colon L \times L \to K$$

is nondegenerate (its discriminant is $\mathrm{disc}(L/K)$).

(b) The assumption that $L/K$ is separable is essential; in fact, if $L/K$ is not separable, then $\mathrm{disc}(L/K) = 0$ (see Exercise 2-3).
Rings of integers are finitely generated

We now show that $\mathcal{O}_K$ is finitely generated as a $\mathbb{Z}$-module.

Proposition 2.29 Let $A$ be an integrally closed integral domain with field of fractions $K$, and let $B$ be the integral closure of $A$ in a separable extension $L$ of $K$ of degree $m$. There exist free $A$-submodules $M$ and $M'$ of $L$ such that

$$M \subset B \subset M'. \qquad (6)$$

Therefore $B$ is a finitely generated $A$-module if $A$ is Noetherian, and it is free of rank $m$ if $A$ is a principal ideal domain.

PROOF. Let $\{\beta_1,\ldots,\beta_m\}$ be a basis for $L$ over $K$. According to (2.6), there exists a nonzero $d \in A$ such that $d\cdot\beta_i \in B$ for all $i$. Clearly $\{d\cdot\beta_1,\ldots,d\cdot\beta_m\}$ is still a basis for $L$ as a vector space over $K$, and so we may assume to begin with that each $\beta_i \in B$. Because the trace pairing is nondegenerate, there is a "dual" basis $\{\beta'_1,\ldots,\beta'_m\}$ of $L$ over $K$ such that $\mathrm{Tr}(\beta_i\cdot\beta'_j) = \delta_{ij}$ (see the discussion following (5), p32). We shall show that

$$A\beta_1 + A\beta_2 + \cdots + A\beta_m \subset B \subset A\beta'_1 + A\beta'_2 + \cdots + A\beta'_m.$$

Only the second inclusion requires proof. Let $\beta \in B$. Then $\beta$ can be written uniquely as a linear combination $\beta = \sum_j b_j\beta'_j$ of the $\beta'_j$ with coefficients $b_j \in K$, and we have to show that each $b_j \in A$. As $\beta_i$ and $\beta$ are in $B$, so also is $\beta\cdot\beta_i$, and so $\mathrm{Tr}(\beta\cdot\beta_i) \in A$ (see 2.21). But

$$\mathrm{Tr}(\beta\cdot\beta_i) = \mathrm{Tr}\big(\textstyle\sum_j b_j\beta'_j\cdot\beta_i\big) = \sum_j b_j\,\mathrm{Tr}(\beta'_j\cdot\beta_i) = \sum_j b_j\cdot\delta_{ij} = b_i.$$

Hence $b_i \in A$.

If $A$ is Noetherian, then $M'$ is a Noetherian $A$-module (see 1.8), and so $B$ is finitely generated as an $A$-module. If $A$ is a principal ideal domain, then $B$ is free of rank $\le m$ because it is contained in a free $A$-module of rank $m$, and it has rank $\ge m$ because it contains a free $A$-module of rank $m$ (see any basic graduate algebra course). □

Corollary 2.30 The ring of integers in a number field $L$ is the largest subring that is finitely generated as a $\mathbb{Z}$-module.

PROOF. We have just seen that $\mathcal{O}_L$ is a finitely generated $\mathbb{Z}$-module. Let $B$ be another subring of $L$ that is finitely generated as a $\mathbb{Z}$-module; then every element of $B$ is integral over $\mathbb{Z}$ (by 2.4), and so $B \subset \mathcal{O}_L$. □

Remark 2.31 (a) The hypothesis that $L/K$ be separable is necessary to conclude that $B$ is a finitely generated $A$-module (we used that the trace pairing was nondegenerate). However it is still true that the integral closure of $k[X]$ in any finite extension of $k(X)$ (not necessarily separable) is a finitely generated $k[X]$-module.

(b) The hypothesis that $A$ be a principal ideal domain is necessary to conclude from (6) that $B$ is a free $A$-module: there do exist examples of number fields $L/K$ such that $\mathcal{O}_L$ is not a free $\mathcal{O}_K$-module.

(c) Here is an example of a finitely generated module that is not free. Let $A = \mathbb{Z}[\sqrt{-5}]$, and consider the $A$-modules

$$(2) \subset (2, 1+\sqrt{-5}) \subset \mathbb{Z}[\sqrt{-5}].$$

Both $(2)$ and $\mathbb{Z}[\sqrt{-5}]$ are free $\mathbb{Z}[\sqrt{-5}]$-modules of rank 1, but $(2, 1+\sqrt{-5})$ is not a free $\mathbb{Z}[\sqrt{-5}]$-module of rank 1, because it is not a principal ideal (see the Introduction). In fact, it is not a free module of any rank.

Definition 2.32 When $K$ is a number field, a basis for $\mathcal{O}_K$ as a $\mathbb{Z}$-module is called an integral basis for $K$.


Remark 2.33 We retain the notations of the proposition and its proof. 

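(a) Let $C = \sum A\beta_i \subset B$, with $\beta_i$ a basis for $L$ over $K$. Define

$$C^* = \{\beta \in L \mid \mathrm{Tr}(\beta\gamma) \in A \text{ for all } \gamma \in C\}.$$

By linearity,

$$\beta \in C^* \iff \mathrm{Tr}(\beta\beta_i) \in A \text{ for } i = 1,\ldots,m,$$

and it follows that

$$C^* = \sum A\beta'_i.$$

Thus we have:

$$C = \sum A\beta_i \subset B \subset \sum A\beta'_i = C^*.$$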

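(b) Write $L = \mathbb{Q}[\beta]$ with $\beta \in B$, and let $f(X)$ be the minimum polynomial of $\beta$. Let $C = \mathbb{Z}[\beta] = \mathbb{Z}1 + \mathbb{Z}\beta + \cdots + \mathbb{Z}\beta^{m-1}$. We want to find $C^*$.

One can show (Artin 1959, Chapter 7) that

$$\mathrm{Tr}(\beta^i/f'(\beta)) = \begin{cases} 0 & \text{if } 0 \le i \le m-2 \\ 1 & \text{if } i = m-1 \end{cases}$$

(these formulas go back to Euler). It follows from this that

$$\det(\mathrm{Tr}(\beta^i\cdot\beta^j/f'(\beta))) = (-1)^{m(m-1)/2}$$

(the only term contributing to the determinant is the product of the elements on the other diagonal, and its sign is that of the order-reversing permutation). If $\beta'_0,\ldots,\beta'_{m-1}$ is the dual basis to $1,\beta,\ldots,\beta^{m-1}$, so that $\mathrm{Tr}(\beta^i\cdot\beta'_j) = \delta_{ij}$, then

$$\det(\mathrm{Tr}(\beta^i\cdot\beta'_j)) = 1.$$

On comparing these formulas, one sees that the matrix relating the family

$$\{1/f'(\beta),\ldots,\beta^{m-1}/f'(\beta)\}$$

to the basis

$$\{\beta'_0,\ldots,\beta'_{m-1}\}$$

has determinant $\pm 1$, and so it is invertible in $M_m(A)$. Thus we see that $C^*$ is a free $A$-module with basis $\{1/f'(\beta),\ldots,\beta^{m-1}/f'(\beta)\}$:

$$C = A[\beta] \subset B \subset f'(\beta)^{-1}A[\beta] = C^*.$$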
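Finding the ring of integers

We now assume $K$ to be a field of characteristic zero.

Proposition 2.34 Let $L = K[\beta]$ for some $\beta$, and let $f(X)$ be the minimum polynomial of $\beta$ over $K$. Suppose that $f(X)$ factors into $\prod (X - \beta_i)$ over the Galois closure of $L$. Then

$$D(1,\beta,\beta^2,\ldots,\beta^{m-1}) = \prod_{1 \le i < j \le m} (\beta_i - \beta_j)^2 = (-1)^{m(m-1)/2} \cdot \mathrm{Nm}_{L/K}(f'(\beta)).$$

PROOF. We have

$$\begin{aligned}
D(1,\beta,\beta^2,\ldots,\beta^{m-1}) &= \det(\sigma_i(\beta^j))^2 \quad \text{(2.26)} \\
&= \det(\beta_i^j)^2 \\
&= \big(\textstyle\prod_{i<j} (\beta_i - \beta_j)\big)^2 \quad \text{(Vandermonde)} \\
&= (-1)^{m(m-1)/2} \cdot \textstyle\prod_i \big(\prod_{j \ne i} (\beta_i - \beta_j)\big) \\
&= (-1)^{m(m-1)/2} \cdot \textstyle\prod_i f'(\beta_i) \\
&= (-1)^{m(m-1)/2}\, \mathrm{Nm}(f'(\beta)).
\end{aligned}$$
□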
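Since $D(1,\beta,\ldots,\beta^{m-1}) = \det(\mathrm{Tr}(\beta^{i+j}))$ and $\mathrm{Tr}(\beta^k)$ is the $k$th power sum of the roots of $f$, this discriminant can be computed exactly from the coefficients of $f$ by Newton's identities. The following Python sketch is an illustration only, not the method of the notes; the names `power_sums`, `det` and `poly_disc` are mine, and the input is the coefficient list $[c_1,\ldots,c_m]$ of a monic polynomial $X^m + c_1X^{m-1} + \cdots + c_m$ with integer coefficients.

```python
from fractions import Fraction

def power_sums(coeffs, count):
    """Power sums p_0, ..., p_{count-1} of the roots of X^m + c_1 X^(m-1) + ... + c_m."""
    m = len(coeffs)
    p = [m]
    for k in range(1, count):
        # Newton: p_k + c_1 p_{k-1} + ... + c_{k-1} p_1 + k c_k = 0 for k <= m,
        # and p_k + c_1 p_{k-1} + ... + c_m p_{k-m} = 0 for k > m.
        s = sum(coeffs[j - 1] * p[k - j] for j in range(1, min(k - 1, m) + 1))
        if k <= m:
            s += k * coeffs[k - 1]
        p.append(-s)
    return p

def det(matrix):
    """Determinant by Gaussian elimination over the rationals."""
    a = [[Fraction(x) for x in row] for row in matrix]
    n, result = len(a), Fraction(1)
    for c in range(n):
        pivot = next((r for r in range(c, n) if a[r][c] != 0), None)
        if pivot is None:
            return Fraction(0)
        if pivot != c:
            a[c], a[pivot] = a[pivot], a[c]
            result = -result
        result *= a[c][c]
        for r in range(c + 1, n):
            factor = a[r][c] / a[c][c]
            for k in range(c, n):
                a[r][k] -= factor * a[c][k]
    return result

def poly_disc(coeffs):
    """D(1, b, ..., b^(m-1)) = det(Tr(b^(i+j))) for a root b of the monic polynomial."""
    m = len(coeffs)
    p = power_sums(coeffs, 2 * m - 1)
    return int(det([[p[i + j] for j in range(m)] for i in range(m)]))

print(poly_disc([0, -1, -1]))   # X^3 - X - 1 gives -23
```

For a quadratic $X^2 + aX + b$ the matrix is $\begin{pmatrix} 2 & -a \\ -a & a^2 - 2b \end{pmatrix}$, with determinant $a^2 - 4b$.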


The number in (2.34) is called the discriminant of $f(X)$. It can also be defined as the resultant of $f(X)$ and $f'(X)$. The discriminant of $f$ lies in $K$, and it is zero if and only if $f$ has a repeated root. It is a symmetric polynomial in the $\beta_i$ with coefficients in $K$, and so (by 2.2) it can be expressed in terms of the coefficients of $f(X)$, but the formulas are quite complicated.

Example 2.35 We compute the discriminant of

$$f(X) = X^n + aX + b, \quad a,b \in K,$$

assumed to be irreducible and separable. Let $\beta$ be a root of $f(X)$, and let

$$\gamma = f'(\beta) = n\beta^{n-1} + a.$$

We compute $\mathrm{Nm}_{K[\beta]/K}(\gamma)$. On multiplying the equation

$$\beta^n + a\beta + b = 0$$

by $n\beta^{-1}$ and rearranging, we obtain the equation

$$n\beta^{n-1} = -na - nb\beta^{-1}.$$

Hence

$$\gamma = n\beta^{n-1} + a = -(n-1)a - nb\beta^{-1}.$$

Solving for $\beta$ gives

$$\beta = \frac{-nb}{\gamma + (n-1)a},$$

from which it is clear that $K[\beta] = K[\gamma]$, and so the minimum polynomial of $\gamma$ over $K$ also has degree $n$. If we write

$$f\left(\frac{-nb}{X + (n-1)a}\right) = \frac{P(X)}{Q(X)},$$

then $P(\gamma)/Q(\gamma) = f(\beta) = 0$ and so $P(\gamma) = 0$. Since

$$P(X) = (X + (n-1)a)^n - na(X + (n-1)a)^{n-1} + (-1)^n n^n b^{n-1}$$

is monic of degree $n$, it must be the minimum polynomial of $\gamma$. Therefore $\mathrm{Nm}(\gamma)$ is $(-1)^n$ times the constant term of this polynomial, and so we find that

$$\mathrm{Nm}(\gamma) = n^n b^{n-1} + (-1)^{n-1}(n-1)^{n-1}a^n.$$

Finally we obtain the formula:

$$\mathrm{disc}(X^n + aX + b) = (-1)^{n(n-1)/2}\big(n^n b^{n-1} + (-1)^{n-1}(n-1)^{n-1}a^n\big).$$

For example:

$$\begin{aligned}
\mathrm{disc}(X^2 + aX + b) &= -4b + a^2, \\
\mathrm{disc}(X^3 + aX + b) &= -27b^2 - 4a^3, \\
\mathrm{disc}(X^4 + aX + b) &= 256b^3 - 27a^4, \\
\mathrm{disc}(X^5 + aX + b) &= 5^5b^4 + 4^4a^5.
\end{aligned}$$
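The closed formula is short enough to transcribe directly. The sketch below is illustrative only (the function name `trinomial_disc` is mine); it evaluates the formula for integer $n \ge 2$, $a$, $b$ and can be used to check the special cases listed above.

```python
def trinomial_disc(n, a, b):
    """disc(X^n + aX + b) from the closed formula of Example 2.35 (n >= 2)."""
    sign = (-1) ** (n * (n - 1) // 2)
    return sign * (n**n * b ** (n - 1) + (-1) ** (n - 1) * (n - 1) ** (n - 1) * a**n)

print(trinomial_disc(3, -1, -1))   # X^3 - X - 1 gives -23
print(trinomial_disc(5, -1, -1))   # X^5 - X - 1 gives 2869
```

With $n = 2$ it returns $a^2 - 4b$, and with $n = 4$, $a = b = 1$ it returns $256 - 27 = 229$.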

For polynomials more complicated than the above, use a computer program. For example, typing

poldisc(X^3+a*X^2+b*X+c)
in PARI returns

-4*c*a^3 + b^2*a^2 + 18*c*b*a + (-4*b^3 - 27*c^2)
i.e., $-4ca^3 + b^2a^2 + 18cba + (-4b^3 - 27c^2)$.

The general strategy for finding the ring of integers of $K$ is to write $K = \mathbb{Q}[\alpha]$ with $\alpha$ an integer in $K$, and compute $D(1,\alpha,\ldots,\alpha^{m-1})$. It is an integer, and if it is square-free, then $\{1,\alpha,\ldots,\alpha^{m-1}\}$ is automatically an integral basis, because (see 2.25)

$$D(1,\alpha,\ldots,\alpha^{m-1}) = \mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) \cdot (\mathcal{O}_K : \mathbb{Z}[\alpha])^2. \qquad (7)$$

If it is not square-free, $\{1,\alpha,\ldots,\alpha^{m-1}\}$ may still be an integral basis, and sometimes one can tell this by using Stickelberger's theorem (see 2.40 below) or by looking at how primes ramify (see later). If $\{1,\alpha,\ldots,\alpha^{m-1}\}$ is not an integral basis, one has to look for algebraic integers not in $\sum \mathbb{Z}\cdot\alpha^i$ (we describe an algorithm below).
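Equation (7) says that the index $(\mathcal{O}_K : \mathbb{Z}[\alpha])$ divides the largest integer whose square divides $D(1,\alpha,\ldots,\alpha^{m-1})$. A rough Python sketch of that bound follows; the helper `square_part` is my own name, and trial division is used only because the discriminants in these notes are small.

```python
def square_part(d):
    """Largest s >= 1 with s^2 dividing d (trial division; fine for small |d|)."""
    d, s, p = abs(d), 1, 2
    while p * p <= d:
        while d % (p * p) == 0:
            d //= p * p
            s *= p
        p += 1
    return s

for disc in (-23, -31, -2012, 2869):
    print(disc, square_part(disc))
```

When `square_part` returns 1 the discriminant is square-free and $\mathbb{Z}[\alpha]$ is the full ring of integers; when it returns $s > 1$ the index is some divisor of $s$, and further work is needed to decide which.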

Example 2.36 The polynomial $X^3 - X - 1$ is irreducible¹ in $\mathbb{Q}[X]$, because, if it factored, it would have a root in $\mathbb{Q}$, which would be an integer dividing 1. Let $\alpha$ be a root of $X^3 - X - 1$. We have

$$D(1,\alpha,\alpha^2) = \mathrm{disc}(f(X)) = -23,$$

which contains no square factor, and so $\{1,\alpha,\alpha^2\}$ is an integral basis for $\mathbb{Q}[\alpha]$ (and $\mathbb{Z}[\alpha]$ is the ring of integers in $\mathbb{Q}[\alpha]$).

Example 2.37 The polynomial $X^3 + X + 1$ is irreducible in $\mathbb{Q}[X]$, and, for any root $\alpha$ of it, $D(1,\alpha,\alpha^2) = \mathrm{disc}(f(X)) = -31$, which contains no square factor, and so again $\{1,\alpha,\alpha^2\}$ is an integral basis for $\mathbb{Q}[\alpha]$.

¹ In fact, this is the monic irreducible cubic polynomial in $\mathbb{Z}[X]$ with the smallest discriminant.
Example 2.38 This example goes back to Dedekind. Let $K = \mathbb{Q}[\alpha]$, where $\alpha$ is a root of

$$f(X) = X^3 + X^2 - 2X + 8.$$

The discriminant of $f$ is $-2012 = -4 \cdot 503$, but Dedekind showed that $\mathcal{O}_K \ne \mathbb{Z}[\alpha]$, and so $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) = -503$. In fact Dedekind showed that there is no integral basis of the form $1, \alpha, \alpha^2$ (see Weiss 1963, p170; for another example of this type, see Exercise 2-6.)

Example 2.39 Consider the field $\mathbb{Q}[\alpha]$ where $\alpha$ is a root of $f(X) = X^5 - X - 1$. This polynomial is irreducible, because it is irreducible in $\mathbb{F}_3[X]$. The discriminant of $f(X)$ is $2869 = 19 \cdot 151$, and so the ring of integers in $\mathbb{Q}[\alpha]$ is $\mathbb{Z}[\alpha]$.

Proposition 2.40 Let K be an algebraic number field. 

(a) The sign of $\mathrm{disc}(K/\mathbb{Q})$ is $(-1)^s$, where $2s$ is the number of homomorphisms $K \to \mathbb{C}$ whose image is not contained in $\mathbb{R}$.

(b) (Stickelberger's theorem) $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) \equiv 0$ or $1 \bmod 4$.

PROOF. (a) Let $K = \mathbb{Q}[\alpha]$, and let $\alpha_1 = \alpha, \alpha_2, \ldots, \alpha_r$ be the real conjugates of $\alpha$ and $\alpha_{r+1}, \bar\alpha_{r+1}, \ldots, \alpha_{r+s}, \bar\alpha_{r+s}$ the complex conjugates. Then

$$\mathrm{sign}(D(1,\ldots,\alpha^{m-1})) = \mathrm{sign}\Big(\prod_{1 \le i \le s} (\alpha_{r+i} - \bar\alpha_{r+i})^2\Big)$$

because the other terms are either squares of real numbers or occur in conjugate pairs, and this equals $(-1)^s$.

(b) Recall that $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) = \det(\sigma_i\alpha_j)^2$, where $\alpha_1,\ldots,\alpha_m$ is an integral basis. Let $P$ be the sum of the terms in the expansion of $\det(\sigma_i\alpha_j)$ corresponding to even permutations, and $-N$ the sum of the terms corresponding to odd permutations. Then

$$\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) = (P - N)^2 = (P + N)^2 - 4PN.$$

If $\tau$ is an element of the Galois group of the Galois closure of $K$ over $\mathbb{Q}$, then either $\tau P = P$ and $\tau N = N$, or $\tau P = N$ and $\tau N = P$. In either case, $\tau$ fixes $P + N$ and $PN$, and so they are rational numbers. As they are integral over $\mathbb{Z}$, they must in fact be integers, from which it follows that

$$\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) \equiv (P + N)^2 \equiv 0 \text{ or } 1 \bmod 4.$$
□


Example 2.41 Consider the field $\mathbb{Q}[\sqrt{m}]$, where $m$ is a square-free integer.

Case $m \equiv 2,3 \bmod 4$. Here $D(1,\sqrt{m}) = \mathrm{disc}(X^2 - m) = 4m$, and so Stickelberger's theorem shows that $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) = 4m$, and hence $\{1,\sqrt{m}\}$ is an integral basis.

Case $m \equiv 1 \bmod 4$. The element $(1+\sqrt{m})/2$ is integral because it is a root of $X^2 - X + (1-m)/4$. As $D(1,(1+\sqrt{m})/2) = m$, we see that $\{1,(1+\sqrt{m})/2\}$ is an integral basis.
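The way Stickelberger's theorem is used in the first case can be spelled out as a small computation. By (7), $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) = 4m/k^2$ with $k = (\mathcal{O}_K : \mathbb{Z}[\sqrt{m}])$, and since $m$ is square-free only $k = 1, 2$ are possible. The Python sketch below (the function name is mine, and $m$ is assumed square-free, which the code does not check) lists the candidates that survive the congruence test.

```python
def stickelberger_candidates(m):
    """Values 4m/k^2 (k = 1, 2) that are congruent to 0 or 1 mod 4, for square-free m."""
    candidates = [4 * m, m]            # index k = 1 and k = 2 respectively
    return [d for d in candidates if d % 4 in (0, 1)]

print(stickelberger_candidates(2))    # [8]
print(stickelberger_candidates(-1))   # [-4]
print(stickelberger_candidates(5))    # [20, 5]
```

For $m \equiv 2, 3 \bmod 4$ only $4m$ survives, which is the argument in the text. For $m \equiv 1 \bmod 4$ both values pass the test, so the theorem alone does not decide, and one needs the explicit integral element $(1+\sqrt{m})/2$.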

Remark 2.42 Let K and K' be number fields. If K and K' are isomorphic, then they have 
the same degree and the same discriminant, but the converse statement is false. For example, 
there are four nonisomorphic cubic number fields with discriminant —4027 (4027 is prime). 
See (3.48) and (3.49) for two of them. 

The curious may wonder why we didn't give an example of a field generated over $\mathbb{Q}$ by an integral element whose minimum polynomial has discriminant $\pm 1$. The reason is that there is no such polynomial of degree $> 1$ (see 4.10). In fact, the smallest discriminant in absolute value is 3, which occurs for $\mathbb{Q}[\sqrt{-3}]$.
Algorithms for finding the ring of integers

By an algorithm I mean a procedure that could (in principle) be put on a computer and is 
guaranteed to lead to the answer in a finite number of steps. Suppose the input requires 
$N$ digits to express it. A good algorithm is one whose running time is $< N^c$ for some $c$.
For example, there is no known good algorithm for factoring an integer. By a practical 
algorithm I mean one that has been (or should have been) put on a computer, and is actually 
useful. 

The following variant of (2.29) is useful. Let A be a principal ideal domain with field of 
fractions K , and let B be the integral closure of A in a finite separable extension L of K of 
degree m. 

Proposition 2.43 Let $\beta_1,\ldots,\beta_m$ be a basis for $L$ over $K$ consisting of elements of $B$, and let $d = D(\beta_1,\ldots,\beta_m)$. Then

$$A\cdot\beta_1 + \cdots + A\cdot\beta_m \subset B \subset A\cdot(\beta_1/d) + \cdots + A\cdot(\beta_m/d).$$

PROOF. Let $\beta \in B$, and write

$$\beta = x_1\beta_1 + \cdots + x_m\beta_m, \quad x_i \in K.$$

Let $\sigma_1,\ldots,\sigma_m$ be the distinct $K$-embeddings of $L$ into some large Galois extension $\Omega$ of $K$. On applying the $\sigma$'s to this equation, we obtain a system of linear equations:

$$\sigma_i\beta = x_1\sigma_i\beta_1 + x_2\sigma_i\beta_2 + \cdots + x_m\sigma_i\beta_m, \quad i = 1,\ldots,m.$$

Hence by Cramer's rule

$$x_i = \gamma_i/\delta$$

where $\delta = \det(\sigma_i\beta_j)$ and $\gamma_i$ is the determinant of the same matrix, but with the $i$th column replaced with $(\sigma_i\beta)$. From (2.34), we know that $\delta^2 = d$. Thus $x_i = \gamma_i\delta/d$, and $\gamma_i\delta$ is an element of $K$ (because it equals $dx_i$) and is integral over $A$. Therefore $\gamma_i\delta \in A$, which completes the proof. □


Thus there is the following algorithm for finding the ring of integers in a number field $K$. Write $K = \mathbb{Q}[\alpha]$ where $\alpha$ is integral over $\mathbb{Z}$. Compute $d = D(1,\alpha,\ldots,\alpha^{m-1})$. Then

$$\mathbb{Z}[\alpha] \subset \mathcal{O}_K \subset d^{-1}\mathbb{Z}[\alpha].$$

Note that $(d^{-1}\mathbb{Z}[\alpha] : \mathbb{Z}[\alpha]) = d^m$, which is huge but finite. Each coset $\beta + \mathbb{Z}[\alpha]$, $\beta \in d^{-1}\mathbb{Z}[\alpha]$, consists entirely of algebraic integers or contains no algebraic integer. Find a set of representatives $\beta_1,\ldots,\beta_n$ for $\mathbb{Z}[\alpha]$ in $d^{-1}\mathbb{Z}[\alpha]$, and test each to see whether it is integral over $\mathbb{Z}$ (the coefficients of its minimum polynomial will have denominators bounded by a power of $d$, and so it is possible to tell whether or not they are integers by computing them with sufficient accuracy).²
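For a quadratic field the coset search can be carried out literally. The sketch below is an illustration under simplifying assumptions, not the general algorithm: it takes $\alpha = \sqrt{m}$ with $m$ square-free, so $d = 4m$, runs over the $d^2$ representatives $(a + b\sqrt{m})/|d|$, and tests integrality exactly by checking that the trace $2a/|d|$ and the norm $(a^2 - mb^2)/d^2$ are integers. The function name is mine.

```python
from fractions import Fraction

def integral_cosets(m):
    """Representatives (a + b*sqrt(m))/|4m|, 0 <= a, b < |4m|, that are algebraic integers.

    Each result is returned as the pair of rational coordinates (a/|4m|, b/|4m|).
    """
    d = abs(4 * m)
    found = []
    for a in range(d):
        for b in range(d):
            tr = Fraction(2 * a, d)                  # trace of (a + b*sqrt(m))/d
            nm = Fraction(a * a - m * b * b, d * d)  # norm of (a + b*sqrt(m))/d
            if tr.denominator == 1 and nm.denominator == 1:
                found.append((Fraction(a, d), Fraction(b, d)))
    return found

print(len(integral_cosets(3)))   # 1: only the zero coset, so O_K = Z[sqrt(3)]
print(integral_cosets(5))        # the zero coset and (1 + sqrt(5))/2
```

The number of integral cosets is the index $(\mathcal{O}_K : \mathbb{Z}[\alpha])$: it is 1 for $m = 3$ and 2 for $m = 5$ or $m = -3$, in agreement with Example 2.41. Even here the loop visits $16m^2$ representatives, which hints at why the method does not scale.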

Unfortunately this method is not practical. For example,

$$f(X) = X^5 + 17X^4 + 3X^3 + 2X^2 + X + 1$$

is irreducible, and has discriminant 285401001. Hence, if $\alpha$ is a root of $f(X)$ and $K = \mathbb{Q}[\alpha]$, then the index of $\mathbb{Z}[\alpha]$ in $\mathbb{Z}\frac{1}{d} + \mathbb{Z}\frac{\alpha}{d} + \cdots + \mathbb{Z}\frac{\alpha^4}{d}$ is $(285401001)^5$. Actually, as luck would have it, $285401001 = 3 \cdot 179 \cdot 233 \cdot 2281$ is square-free, and so $\mathcal{O}_K = \mathbb{Z}[\alpha]$.

² If you know the ring of integers of a field, it is easy to find the discriminant. Conversely, if you know the discriminant, this will help in finding the ring of integers; for example, you may get lucky and find an $\alpha$ such that the discriminant of $\mathbb{Z}[\alpha]$ over $\mathbb{Z}$ is equal to the discriminant of $\mathcal{O}_K$.

Note that PARI can compute the minimum polynomial of an algebraic number. For example, let $a = \sqrt[3]{1+\sqrt{7}}$. We first type "a=sqrtn(1+sqrt(7),3)" in PARI, which reports that $a = 1.539084083333266359084139071$. Now "algdep(a,6)" asks PARI for a minimum polynomial for $a$ of degree at most 6, which (correctly) reports it to be

$$X^6 - 2X^3 - 6 = (X^3 - 1)^2 - 7.$$

Unfortunately, of course, PARI will find a "minimum polynomial" for $a$ even when $a$ is transcendental.
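The relation reported by PARI can be checked in floating point. This short Python sketch (variable names are mine) only confirms that the polynomial nearly vanishes at the decimal approximation; as the caveat above says, a small residual is evidence of a relation, not a proof of one.

```python
import math

alpha = (1 + math.sqrt(7)) ** (1 / 3)      # real cube root of 1 + sqrt(7)
residual = alpha**6 - 2 * alpha**3 - 6     # value of X^6 - 2X^3 - 6 at alpha

print(alpha)      # agrees with PARI's 1.5390840833... to double precision
print(residual)   # zero up to rounding error
```

The exact statement behind it is $(a^3 - 1)^2 = (\sqrt{7})^2 = 7$.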

I now discuss a practical algorithm for finding $\mathcal{O}_K$ for small degrees and small discriminants from Pohst and Zassenhaus 1989 (see also Cohen 1993, 6.1). The basic strategy is to start with a known order $\mathbb{Z}[\alpha]$ in $\mathcal{O}_K$ and enlarge it for every prime $p$ such that $p^2$ divides the discriminant $D(1,\alpha,\ldots,\alpha^{m-1})$ until a maximal order is obtained.

The next result will help us get an idea of what should be possible. 

Lemma 2.44 Let $(A, \delta)$ be a Euclidean domain, and let $M$ be an $m \times m$ matrix with coefficients in $A$. Then it is possible to put $M$ into upper triangular form by elementary row operations of the following type:

(r1) add a multiple of one row to a second;

(r2) swap two rows.

PROOF. By definition $\delta\colon A \to \mathbb{Z}$ is a function with the following property: for any two elements $a$, $b$ of $A$ with $a \ne 0$, there exist elements $q$ and $r$ such that

$$b = qa + r, \quad \text{with } r = 0 \text{ or } \delta(r) < \delta(a).$$

Apply an operation of type (r2) so that the element of the first column with the minimum $\delta$ is in the (1,1)-position. If $a_{11}$ divides all elements in the first column, we can use operations of type (r1) to make all the remaining elements of the first column zero. If not, we can use (r1) to get an element in the first column that has smaller $\delta$-value than $a_{11}$, and put that in the (1,1) position. Repeat; eventually, we will have the gcd of the original elements in the first column in the (1,1) position and zeros elsewhere. Then move on to the next column, and so on. □

Remark 2.45 (a) The operations (r1) and (r2) are invertible in matrices with coefficients in $A$, and they correspond to multiplying on the left with an invertible matrix in $M_m(A)$. Hence we have shown that there exists an invertible matrix $U$ in $M_m(A)$ such that $UM$ is upper triangular. On taking transposes, we find that for every matrix $M \in M_m(A)$, there is an invertible matrix $U$ in $M_m(A)$ such that $MU$ is lower triangular.

(b) Take $A = \mathbb{Z}$ (for simplicity), and add the (invertible) operation:

(r3) multiply a row by $-1$.

Using (r1,r2,r3), it is possible to make the triangular matrix $T = UM$ satisfy the following conditions (assuming $\det(M) \ne 0$):

$a_{ii} > 0$ for all $i$;

the elements $a_{ij}$ of the $j$th column satisfy $0 \le a_{ij} < a_{jj}$.

Then $T$ is unique. It is called the Hermite normal form of $M$.
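The proof of Lemma 2.44 together with (b) is already an algorithm for $A = \mathbb{Z}$. The following Python sketch implements it with the three row operations, under the assumption that the input is a square integer matrix with nonzero determinant; the function name is mine, and no attempt is made to control the size of intermediate entries, which a practical implementation would have to do.

```python
def hermite_normal_form(matrix):
    """Row-reduce a square integer matrix with det != 0 to the normal form of 2.45(b)."""
    t = [row[:] for row in matrix]
    n = len(t)
    for j in range(n):
        # Euclid's algorithm on column j, rows j..n-1, using (r1) and (r2).
        while True:
            nonzero = [r for r in range(j, n) if t[r][j] != 0]
            pivot = min(nonzero, key=lambda r: abs(t[r][j]))
            t[j], t[pivot] = t[pivot], t[j]                     # (r2)
            done = True
            for r in range(j + 1, n):
                q = t[r][j] // t[j][j]
                t[r] = [x - q * y for x, y in zip(t[r], t[j])]  # (r1)
                if t[r][j] != 0:
                    done = False
            if done:
                break
        if t[j][j] < 0:
            t[j] = [-x for x in t[j]]                           # (r3)
        # Reduce the entries above the diagonal into the range 0 <= a_ij < a_jj.
        for r in range(j):
            q = t[r][j] // t[j][j]
            t[r] = [x - q * y for x, y in zip(t[r], t[j])]      # (r1)
    return t

print(hermite_normal_form([[4, 6], [2, 5]]))   # [[2, 1], [0, 4]]
```

The product of the diagonal entries of the result is $|\det(M)|$, since the row operations change the determinant at most by a sign; for the example, $2 \cdot 4 = 8 = |4\cdot 5 - 6\cdot 2|$.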
Consider the field $K = \mathbb{Q}[\alpha]$ generated over $\mathbb{Q}$ by the algebraic integer $\alpha$ with minimum polynomial $f(X)$. Let $\{\omega_1,\ldots,\omega_n\}$ be a basis for $\mathcal{O}_K$ as a $\mathbb{Z}$-module, and write

$$A = M \cdot \Omega$$

where $A = (1,\alpha,\ldots,\alpha^{n-1})^{\mathrm{tr}}$ and $\Omega = (\omega_1,\ldots,\omega_n)^{\mathrm{tr}}$. Choose $U$ so that $MU$ is lower triangular (and in Hermite normal form), and write

$$A = MU \cdot U^{-1}\Omega = T \cdot \Omega'.$$

Here $\Omega' = U^{-1}\Omega$ is again a $\mathbb{Z}$-basis for $\mathcal{O}_K$, and $\Omega' = T^{-1} \cdot A$ with $T^{-1}$ also lower triangular (but not necessarily with integer coefficients). Thus

$$\omega'_1 = a_{11}1;$$
$$\omega'_2 = a_{21}1 + a_{22}\alpha;$$
etc.,

where $d \cdot a_{ij} \in \mathbb{Z}$, $d = |\det(M)| = |\det(T)|$.

Example 2.46 Let $K = \mathbb{Q}[\sqrt{m}]$, $m$ square-free, $m \equiv 1 \pmod 4$. The integral basis

$$1, \quad \frac{1+\sqrt{m}}{2}$$

is of the above form.

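In Pohst and Zassenhaus 1989, 4.6, there is an algorithm that, starting from a monic irreducible polynomial

$$f(X) = X^n + a_1X^{n-1} + \cdots + a_n, \quad a_i \in \mathbb{Z},$$

constructs an integral basis $\omega_1,\ldots,\omega_n$, such that

$$\omega_i = \Big(\sum_{k=1}^{i} a_{ik}\alpha^{i-k}\Big)/N_i$$

where

$\alpha$ is a root of $f(X)$, $a_{ik} \in \mathbb{Z}$, $N_i \in \mathbb{Z}$, $\gcd(a_{i1},\ldots,a_{ii}) = 1$.

In an Appendix, they use it to show that $\mathbb{Q}[\alpha]$, where $\alpha$ is a root of

$$f(X) = X^{11} + 101X^{10} + 4151X^9 + \cdots - 332150625,$$

has an integral basis

$$\begin{aligned}
\omega_1 &= 1, \\
\omega_2 &= (1/2)\alpha + 1/2, \\
\omega_3 &= (1/4)\alpha^2 - 1/4, \\
\omega_4 &= (1/8)\alpha^3 + (1/8)\alpha^2 - (1/8)\alpha - 1/8, \\
&\;\;\vdots \\
\omega_{11} &= (1/9103145472000)\alpha^{10} + \cdots + 4064571/49948672.
\end{aligned}$$

The discriminant of $f$ is $2^{130} \times 3^{12} \times 5^{12} \times 29^{18} \times 82231^6$, and the index of $\mathbb{Z}[\alpha]$ in $\mathcal{O}_K$ is $2^{56} \times 3^6 \times 5^3 \times 29^9$.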
The first step is to compute $D(1,\alpha,\alpha^2,\ldots) = \mathrm{disc}(f(X))$ and to find its square factors. Finding the square factors of $\mathrm{disc}(f(X))$ is the most time-consuming part of the algorithm. The time taken to factor an $N$-digit number is exponential in $N$. Every computer can factor a 50 digit number easily, but after that it becomes rapidly more difficult. Hundred digit numbers are already difficult. Thus this is not a good algorithm in the above sense. Once one has found the square factors of $\mathrm{disc}(f(X))$ the algorithm for computing an integral basis of the above form is good.

Using PARI 

To determine whether a polynomial $f$ is irreducible, use polisirreducible(f). For example, polisirreducible(X^5+17*X^4+3*X^3+2*X^2+X+1) returns 1, which means that $X^5 + 17X^4 + 3X^3 + 2X^2 + X + 1$ is irreducible, and polisirreducible(X^2-1) returns 0, which means that $X^2 - 1$ is reducible.

To find the discriminant of a polynomial $f$, use poldisc(f). For example, poldisc(X^5+17*X^4+3*X^3+2*X^2+X+1) returns 285401001, and poldisc(X^2+3) returns -12.

To study the stem field of a polynomial $f$, use nfinit(f). For example,
nfinit(X^5-5*X^3+4*X-1) returns
[X^5 - 5*X^3 + 4*X - 1, [5, 0], 38569, ...]

which means that $X^5 - 5X^3 + 4X - 1$ has 5 real roots and no nonreal roots and that its stem field $\mathbb{Q}[\alpha]$ has discriminant 38569. Moreover, typing
nfbasis(X^5-5*X^3+4*X-1) returns
[1, X, X^2, X^3, X^4],

which means that $\{1,\alpha,\alpha^2,\alpha^3,\alpha^4\}$ is an integral basis for $\mathbb{Q}[\alpha]$ (cf. p40).

On the other hand, typing
nfinit(X^2+3) returns
[X^2 + 3, [0, 1], -3, ...]

which means that $X^2 + 3$ has no real roots and one conjugate pair of complex roots, and that the field $\mathbb{Q}[\sqrt{-3}]$ has discriminant $-3$. Moreover, typing
nfbasis(X^2+3) returns
[1, 1/2*X + 1/2],

which means that $\{1, \tfrac12\sqrt{-3} + \tfrac12\}$ is an integral basis for $\mathbb{Q}[\sqrt{-3}]$.


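For Dedekind's polynomial in (2.38), PARI says that it has one real root and one conjugate pair of nonreal roots, and that its stem field has discriminant $-503$. It finds the integral basis $\{1, \alpha, \tfrac12\alpha^2 + \tfrac12\alpha\}$. Note that

$$\mathbb{Z}[\alpha] = \mathbb{Z}[1, \alpha, \alpha^2 + \alpha],$$

and that

$$(\mathcal{O}_K : \mathbb{Z}[\alpha]) = 2 = \sqrt{\frac{-2012}{-503}},$$

as predicted by Equation 7, p38.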
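That $\tfrac12\alpha^2 + \tfrac12\alpha$ really is an algebraic integer can be confirmed by computing its characteristic polynomial over $\mathbb{Q}$, which has integer coefficients exactly when the element is integral. The Python sketch below is my own illustration, specific to Dedekind's cubic: elements $c_0 + c_1\alpha + c_2\alpha^2$ are stored as coefficient triples, and the helper names are hypothetical.

```python
from fractions import Fraction

F = [8, -2, 1]   # f(X) = X^3 + X^2 - 2X + 8, stored as the low-order coefficients c_0, c_1, c_2

def times_alpha(v):
    """Multiply c0 + c1*a + c2*a^2 by a, reducing with a^3 = -8 + 2a - a^2."""
    c0, c1, c2 = v
    return [-F[0] * c2, c0 - F[1] * c2, c1 - F[2] * c2]

def char_poly(theta):
    """Return (e1, e2, e3) where X^3 - e1*X^2 + e2*X - e3 is the characteristic polynomial of theta."""
    r0 = [Fraction(c) for c in theta]
    r1 = times_alpha(r0)          # theta * a
    r2 = times_alpha(r1)          # theta * a^2
    m = [r0, r1, r2]              # transpose of the multiplication-by-theta matrix
    e1 = m[0][0] + m[1][1] + m[2][2]
    e2 = (m[0][0] * m[1][1] - m[0][1] * m[1][0]
          + m[0][0] * m[2][2] - m[0][2] * m[2][0]
          + m[1][1] * m[2][2] - m[1][2] * m[2][1])
    e3 = (m[0][0] * (m[1][1] * m[2][2] - m[1][2] * m[2][1])
          - m[0][1] * (m[1][0] * m[2][2] - m[1][2] * m[2][0])
          + m[0][2] * (m[1][0] * m[2][1] - m[1][1] * m[2][0]))
    return e1, e2, e3

def is_integral(theta):
    return all(e.denominator == 1 for e in char_poly(theta))

half = Fraction(1, 2)
print(char_poly([0, half, half]))       # coefficients 2, 3, 10: X^3 - 2X^2 + 3X - 10
print(is_integral([0, 0, half]))        # False: a^2/2 has trace 5/2
```

So $(\alpha^2 + \alpha)/2$ is a root of $X^3 - 2X^2 + 3X - 10$, while $\alpha^2/2$ is not integral. The change of basis from $\{1,\alpha,\alpha^2\}$ to $\{1,\alpha,(\alpha^2+\alpha)/2\}$ has determinant $1/2$, which accounts for the index 2.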

Notes As noted earlier, it was Dedekind who found the correct definition of the ring of integers in a number field. Earlier authors either luckily chose the correct ring, e.g., Kummer chose $\mathbb{Z}[\zeta]$, $\zeta^n = 1$, which is the ring of integers in $\mathbb{Q}[\zeta]$, or unluckily chose the wrong ring, e.g., Euler gave a proof of Fermat's last theorem for the exponent 3, which becomes correct when the ring $\mathbb{Z}[\sqrt{-3}]$ is replaced in the proof by its integral closure $\mathbb{Z}[\zeta]$, $\zeta^3 = 1$.
Exercises

2-1 Since $\mathbb{Z}[\sqrt{5}]$ is not integrally closed, it cannot be a unique factorization domain. Give an example of an element of $\mathbb{Z}[\sqrt{5}]$ that has two distinct factorizations into irreducible elements.


2-2 Let $A$ be an integrally closed ring, and let $K$ be its field of fractions. Let $f(X) \in A[X]$ be a monic polynomial. If $f(X)$ is reducible in $K[X]$, show that it is reducible in $A[X]$.

2-3 Show that if L/K is not separable, then disc (L/K) = 0. 

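2-4 Let $\mathfrak{a} = (2, 1+\sqrt{-3})$ in $\mathbb{Z}[\sqrt{-3}]$. Show that $\mathfrak{a} \ne (2)$, but $\mathfrak{a}^2 = (2)\mathfrak{a}$. Conclude that ideals in $\mathbb{Z}[\sqrt{-3}]$ do not factor uniquely into prime ideals. (Hence $\mathbb{Z}[\sqrt{-3}]$ is the wrong choice for the ring of integers in $\mathbb{Q}[\sqrt{-3}]$.)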

2-5 Let $A$ be a subring of a ring $B$, and let $\beta$ be a unit in $B$. Show that every $\alpha \in A[\beta] \cap A[\beta^{-1}]$ is integral over $A$. [This has a short solution, but it's not obvious.]

2-6 Let $K = \mathbb{Q}[\sqrt{7}, \sqrt{10}]$, and let $\alpha$ be an algebraic integer in $K$. The following argument will show that $\mathcal{O}_K \ne \mathbb{Z}[\alpha]$.

(a) Consider the four algebraic integers:

$$\begin{aligned}
\alpha_1 &= (1+\sqrt{7})(1+\sqrt{10}); \\
\alpha_2 &= (1+\sqrt{7})(1-\sqrt{10}); \\
\alpha_3 &= (1-\sqrt{7})(1+\sqrt{10}); \\
\alpha_4 &= (1-\sqrt{7})(1-\sqrt{10}).
\end{aligned}$$

Show that all the products $\alpha_i\alpha_j$, $i \ne j$, are divisible by 3 in $\mathcal{O}_K$, but that 3 does not divide any power of any $\alpha_i$. [Hint: Show that $\alpha_i^n/3$ is not an algebraic integer by considering its trace: show that $\mathrm{Tr}(\alpha_i^n) \equiv (\sum_j \alpha_j)^n \equiv 4^n \pmod 3$ in $\mathbb{Z}[\alpha]$; deduce $\mathrm{Tr}(\alpha_i^n) \equiv 1 \pmod 3$ in $\mathbb{Z}$.]

(b) Assume now that $\mathcal{O}_K = \mathbb{Z}[\alpha]$; we shall derive a contradiction. Let $f(X)$ be the minimum polynomial of $\alpha$ over $\mathbb{Q}$. For $g(X) \in \mathbb{Z}[X]$, let $\bar g(X)$ denote the image of $g$ in $\mathbb{F}_3[X]$, $\mathbb{F}_3 = \mathbb{Z}/(3)$. Show that $g(\alpha)$ is divisible by 3 in $\mathbb{Z}[\alpha]$ if and only if $\bar g$ is divisible by $\bar f$ in $\mathbb{F}_3[X]$.

(c) For each $i$, $1 \le i \le 4$, let $f_i$ be a polynomial in $\mathbb{Z}[X]$ such that $\alpha_i = f_i(\alpha)$. Show that $\bar f \mid \bar f_i \bar f_j$ ($i \ne j$) in $\mathbb{F}_3[X]$, but that $\bar f$ does not divide $\bar f_i^n$ for any $n$. Conclude that for each $i$, $\bar f$ has an irreducible factor which does not divide $\bar f_i$ but does divide all $\bar f_j$, $j \ne i$.

(d) This shows that $\bar f$ has at least four distinct irreducible factors over $\mathbb{F}_3$. On the other hand, $f$ has degree at most 4. Why is this a contradiction?

2-7 Let A be an integral domain, and let B be the integral closure of A in a finite extension 
$L$ of its field of fractions $K$. Let $S$ be a multiplicative subset of $A$. Show that $S^{-1}B$ is the integral closure of $S^{-1}A$ in $L$.

2-8 Let $\mathfrak{p}$ be a prime ideal in an integral domain $A$. Show that $A_{\mathfrak{p}}/\mathfrak{p}A_{\mathfrak{p}}$ is the field of fractions of $A/\mathfrak{p}$.
Dedekind Domains; Factorization


Es steht schon bei Dedekind. 
(It’s already in Dedekind.) 
Emmy Noether 


In this Chapter, we define the notion of a Dedekind domain, and prove that 

o ideals in Dedekind domains factor uniquely into products of prime ideals, and 
o rings of integers in number fields are Dedekind domains,

but first we consider a local version of a Dedekind domain. 


Discrete valuation rings 

The following conditions on a principal ideal domain $A$ are equivalent:

(a) A has exactly one nonzero prime ideal; 

(b) up to associates, A has exactly one prime element; 

(c) A is local and is not a field. 

A ring satisfying these conditions is called a discrete valuation ring. Later we shall define 
discrete valuations, and so justify the name. 

Example 3.1 The ring $\mathbb{Z}_{(p)} \overset{\text{def}}{=} \{\tfrac{m}{n} \in \mathbb{Q} \mid n \text{ not divisible by } p\}$ is a discrete valuation ring with $(p)$ as its unique nonzero prime ideal. The units in $\mathbb{Z}_{(p)}$ are the nonzero elements $m/n$ with neither $m$ nor $n$ divisible by $p$, and the prime elements are those of the form unit $\times\, p$.

In a discrete valuation ring $A$ with prime element $\pi$, nonzero elements of $A$ can be expressed uniquely as $u\pi^m$ with $u$ a unit and $m \ge 0$ (and $m > 0$ unless the element is a unit). Every nonzero ideal in $A$ is of the form $(\pi^m)$ for a unique $m \in \mathbb{N}$. Thus, if $\mathfrak{a}$ is a nonzero ideal in $A$ and $\mathfrak{p}$ denotes the (unique) maximal ideal of $A$, then $\mathfrak{a} = \mathfrak{p}^m$ for a well-defined integer $m \ge 0$.
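For $A = \mathbb{Z}_{(p)}$ and $\pi = p$, the exponent $m$ in $x = u\pi^m$ is the usual $p$-adic valuation, and it extends to all nonzero rationals by allowing negative values. A small Python sketch follows; the function names are mine, and `Fraction` is used so that numerator and denominator are always in lowest terms.

```python
from fractions import Fraction

def valuation(x, p):
    """The integer m with x = u * p^m, u a unit of Z_(p); x must be a nonzero rational."""
    x = Fraction(x)
    if x == 0:
        raise ValueError("the valuation of 0 is not defined here")
    num, den, m = x.numerator, x.denominator, 0
    while num % p == 0:
        num //= p
        m += 1
    while den % p == 0:
        den //= p
        m -= 1
    return m

def in_local_ring(x, p):
    """True if the rational x lies in Z_(p), i.e. its reduced denominator is prime to p."""
    return Fraction(x).denominator % p != 0

print(valuation(Fraction(18, 5), 3))      # 2, so (18/5) = (3^2) as ideals of Z_(3)
print(in_local_ring(Fraction(5, 18), 3))  # False
```

An element of $\mathbb{Z}_{(p)}$ is a unit exactly when its valuation is 0, and the ideal it generates is $(p^m)$ with $m$ its valuation.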

Recall that, for an $A$-module $M$ and an $m \in M$, the annihilator of $m$ is

$$\mathrm{Ann}(m) = \{a \in A \mid am = 0\}.$$

It is an ideal in $A$, which is proper if $m \ne 0$. Suppose that $A$ is a discrete valuation ring, and let $c$ be a nonzero element of $A$. Let $M = A/(c)$. What is the annihilator of a nonzero element $b + (c)$ of $M$? Fix a prime element $\pi$ of $A$, and let $c = u\pi^m$, $b = v\pi^n$ with $u$ and $v$ units. Then $n < m$ (else $b + (c) = 0$ in $M$), and

$$\mathrm{Ann}(b + (c)) = (\pi^{m-n}).$$

Thus, a $b$ for which $\mathrm{Ann}(b + (c))$ is maximal, is of the form $v\pi^{m-1}$, and for this choice $\mathrm{Ann}(b + (c))$ is a prime ideal generated by $\frac{c}{b}$. We shall exploit these observations in the proof of the next proposition, which gives a criterion for a ring to be a discrete valuation ring.
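The formula for the annihilator can be checked by brute force in a finite model. The sketch below assumes the standard identification of $\mathbb{Z}_{(p)}/(p^m)$ with $\mathbb{Z}/p^m\mathbb{Z}$, so that everything reduces to arithmetic modulo $c = p^m$; the function name and the chosen numbers are mine.

```python
def annihilator(b, c):
    """Residues a in 0..c-1 with a*b = 0 in Z/(c)."""
    return [a for a in range(c) if (a * b) % c == 0]

p, m, n = 3, 4, 2
c, b = p**m, 2 * p**n                      # c = 81, b = 18 = (unit) * 3^2
ann = annihilator(b, c)
generator = min(a for a in ann if a != 0)  # smallest positive element of the annihilator

print(generator)   # 9 = 3^(4-2)
```

Every element of the annihilator is a multiple of $9 = p^{m-n}$. Taking $b = 2 \cdot 3^3$ instead gives the annihilator generated by 3, the maximal ideal, which is the case used in the proof below.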

Proposition 3.2 An integral domain A is a discrete valuation ring if and only if 

(a) A is Noetherian, 

(b) A is integrally closed, and 

(c) A has exactly one nonzero prime ideal. 

PROOF. The necessity of the three conditions is obvious, and so let A be an integral domain 
satisfying (a), (b), and (c). We have to show that every ideal in A is principal. As a first step, 
we prove that the nonzero prime ideal is principal. Note that (c) implies that A is a local ring. 

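Choose an element $c \in A$, $c \ne 0$, $c \ne$ unit, and consider the $A$-module $M \overset{\text{def}}{=} A/(c)$. For each nonzero element $m$ of $M$,

$$\mathrm{Ann}(m) = \{a \in A \mid am = 0\}$$

is a proper ideal in $A$. Because $A$ is Noetherian, we can choose an $m$ so that $\mathrm{Ann}(m)$ is maximal among these ideals. Write $m = b + (c)$ and $\mathfrak{p} = \mathrm{Ann}(b + (c))$. Note that $c \in \mathfrak{p}$, and so $\mathfrak{p} \ne 0$, and that

$$\mathfrak{p} = \{a \in A \mid c \text{ divides } ab\}.$$

I claim that $\mathfrak{p}$ is prime. If not there exist elements $x, y \in A$ such that $xy \in \mathfrak{p}$ but neither $x$ nor $y \in \mathfrak{p}$. Then $yb + (c)$ is a nonzero element of $M$ because $y \notin \mathfrak{p}$. Consider $\mathrm{Ann}(yb + (c))$. Obviously it contains $\mathfrak{p}$ and it contains $x$, but this contradicts the maximality of $\mathfrak{p}$ among ideals of the form $\mathrm{Ann}(m)$. Hence $\mathfrak{p}$ is prime.

I claim that $\frac{b}{c} \notin A$. Otherwise $b = c \cdot \frac{b}{c} \in (c)$, and $m = 0$ (in $M$).

I claim that $\frac{c}{b} \in A$, and $\mathfrak{p} = (\frac{c}{b})$. By definition, $\mathfrak{p}b \subset (c)$, and so $\mathfrak{p} \cdot \frac{b}{c} \subset A$, and it is an ideal in $A$. If $\mathfrak{p} \cdot \frac{b}{c} \subset \mathfrak{p}$, then $\frac{b}{c}$ is integral over $A$ (by 2.4, since $\mathfrak{p}$ is finitely generated), and so $\frac{b}{c} \in A$ (because of condition (b)), but we know $\frac{b}{c} \notin A$. Thus $\mathfrak{p} \cdot \frac{b}{c} = A$ (by (c)), and this implies that $\mathfrak{p} = (\frac{c}{b})$.

Let $\pi = \frac{c}{b}$, so that $\mathfrak{p} = (\pi)$. Let $\mathfrak{a}$ be a proper ideal of $A$, and consider the sequence

$$\mathfrak{a} \subset \mathfrak{a}\pi^{-1} \subset \mathfrak{a}\pi^{-2} \subset \cdots.$$

If $\mathfrak{a}\pi^{-r} = \mathfrak{a}\pi^{-r-1}$ for some $r$, then $\pi^{-1}(\mathfrak{a}\pi^{-r}) = \mathfrak{a}\pi^{-r}$, and $\pi^{-1}$ is integral over $A$ (by 2.4), and so lies in $A$; this is impossible ($\pi$ is not a unit in $A$). Therefore the sequence is strictly increasing, and (again because $A$ is Noetherian) it can't be contained in $A$. Let $m$ be the smallest integer such that $\mathfrak{a}\pi^{-m} \subset A$ but $\mathfrak{a}\pi^{-m-1} \not\subset A$. Then $\mathfrak{a}\pi^{-m} \not\subset \mathfrak{p}$, and so $\mathfrak{a}\pi^{-m} = A$. Hence $\mathfrak{a} = (\pi^m)$. □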
Dedekind domains

Definition 3.3 A Dedekind domain is an integral domain A such that 

(a) A is Noetherian, 

(b) A is integrally closed, and 

(c) every nonzero prime ideal is maximal. 

Thus Proposition 3.2 says that a local integral domain is a Dedekind domain if and only 
if it is a discrete valuation ring. 

Proposition 3.4 Let A be a Dedekind domain, and let S be a multiplicative subset of A. 
Then $S^{-1}A$ is a Dedekind domain.

PROOF. Condition (c) says that there is no containment relation between nonzero prime ideals of $A$. If this condition holds for $A$, then (1.12) shows that it holds for $S^{-1}A$. Conditions (a) and (b) follow from the next proposition. □

Proposition 3.5 Let A be an integral domain, and let S be a multiplicative subset of A. 

(a) If $A$ is Noetherian, then so also is $S^{-1}A$.

(b) If $A$ is integrally closed, then so also is $S^{-1}A$.

PROOF. (a) Let $\mathfrak{a}$ be an ideal in $S^{-1}A$. Then $\mathfrak{a} = S^{-1}(\mathfrak{a} \cap A)$ (see 1.11), and so $\mathfrak{a}$ is generated by every (finite) set of generators for $\mathfrak{a} \cap A$.

(b) Let $\alpha$ be an element of the field of fractions of $A$ (= field of fractions of $S^{-1}A$) that is integral over $S^{-1}A$. Then

$$\alpha^m + a_1\alpha^{m-1} + \cdots + a_m = 0, \quad \text{some } a_i \in S^{-1}A.$$

For each $i$, there exists an $s_i \in S$ such that $s_ia_i \in A$. Set $s = s_1 \cdots s_m \in S$, and multiply through the equation by $s^m$:

$$(s\alpha)^m + sa_1(s\alpha)^{m-1} + \cdots + s^ma_m = 0.$$

This equation shows that $s\alpha$ is integral over $A$, and so lies in $A$. Hence $\alpha = (s\alpha)/s \in S^{-1}A$. □

Proposition 3.6 A noetherian integral domain A is a Dedekind domain if and only if, for 
every nonzero prime ideal $\mathfrak{p}$ in $A$, the localization $A_{\mathfrak{p}}$ is a discrete valuation ring.

PROOF. $\Rightarrow$: We saw in (1.13a) that $A_{\mathfrak{p}}$ is local, and Proposition 3.4 implies that it is Dedekind.

$\Leftarrow$: We have to show that $A$ is integrally closed. Let $x$ be an element of the field of fractions of $A$ that is integral over $A$, and let $\mathfrak{a}$ be the set of elements $a$ of $A$ such that $ax \in A$. For each nonzero prime ideal $\mathfrak{p}$ in $A$, $x \in A_{\mathfrak{p}}$, and so there exists an $s \in A \setminus \mathfrak{p}$ such that $sx \in A$. Now $\mathfrak{a}$ is an ideal not contained in any maximal ideal of $A$, and so $\mathfrak{a} = A$. In particular, $1 \in \mathfrak{a}$. □

According to the above definition, a field is a Dedekind domain. In future, we shall 
exclude fields from being Dedekind domains (conventions vary). 

Notes It is not possible to drop "noetherian" from (3.6): there exist nonnoetherian integral domains
$A$ such that $A_{\mathfrak{p}}$ is a discrete valuation ring for all nonzero $\mathfrak{p}$. However, a commutative ring $A$ such
that $A_{\mathfrak{m}}$ is noetherian for all maximal ideals $\mathfrak{m}$ is itself noetherian if every nonzero element of $A$ is
contained in only finitely many maximal ideals (mo114715).


Unique factorization of ideals

The main result concerning Dedekind domains is the following. 

Theorem 3.7 Let $A$ be a Dedekind domain. Every proper nonzero ideal $\mathfrak{a}$ of $A$ can be
written in the form

$$\mathfrak{a} = \mathfrak{p}_1^{r_1} \cdots \mathfrak{p}_n^{r_n}$$

with the $\mathfrak{p}_i$ distinct prime ideals and the $r_i > 0$; the $\mathfrak{p}_i$ and the $r_i$ are uniquely determined.

The proof will require several lemmas.

Lemma 3.8 Let $A$ be a Noetherian ring; then every ideal $\mathfrak{a}$ in $A$ contains a product of
nonzero prime ideals.

PROOF. (Note the similarity to the proof of 1.4.) Suppose not, and choose a maximal
counterexample $\mathfrak{a}$. Then $\mathfrak{a}$ itself cannot be prime, and so there exist elements $x$ and $y$ of $A$
such that $xy \in \mathfrak{a}$ but neither $x$ nor $y$ is in $\mathfrak{a}$. The ideals $\mathfrak{a} + (x)$ and $\mathfrak{a} + (y)$ strictly
contain $\mathfrak{a}$, but their product is contained in $\mathfrak{a}$. Because $\mathfrak{a}$ is a maximal counterexample to the
statement of the lemma, each of $\mathfrak{a} + (x)$ and $\mathfrak{a} + (y)$ contains a product of prime ideals, and it
follows that $\mathfrak{a}$ contains a product of prime ideals. □

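Lemma 3.9 Let $A$ be a ring, and let $\mathfrak{a}$ and $\mathfrak{b}$ be relatively prime ideals in $A$; for all
$m, n \in \mathbb{N}$, $\mathfrak{a}^m$ and $\mathfrak{b}^n$ are relatively prime.

PROOF. If $\mathfrak{a}^m$ and $\mathfrak{b}^n$ are not relatively prime, then they are both contained in some prime
(even maximal) ideal $\mathfrak{p}$. But if a prime ideal contains a power of an element, then it contains
the element, and so $\mathfrak{p} \supset \mathfrak{a}^m \Rightarrow \mathfrak{p} \supset \mathfrak{a}$ and $\mathfrak{p} \supset \mathfrak{b}^n \Rightarrow \mathfrak{p} \supset \mathfrak{b}$.
Thus $\mathfrak{a}$ and $\mathfrak{b}$ are both contained in $\mathfrak{p}$, which contradicts the hypothesis.

Alternative proof: We are given that there exist elements $a \in \mathfrak{a}$ and $b \in \mathfrak{b}$ such that
$a + b = 1$. Consider

$$1 = (a + b)^r = a^r + \binom{r}{1} a^{r-1} b + \cdots + b^r.$$

If $r > m + n - 1$, then the term on the right is the sum of an element of $\mathfrak{a}^m$ with an element
of $\mathfrak{b}^n$. □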
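The alternative proof is constructive, and for $A = \mathbb{Z}$ it can be checked numerically. The following is a minimal sketch, assuming that two integers $a$ and $b$ with $a + b = 1$ stand in for the elements of $\mathfrak{a}$ and $\mathfrak{b}$; the function name `coprime_power_witness` is our own and does not come from the notes. It uses the exponent $r = m + n - 1$, which already suffices.

```python
from math import comb


def coprime_power_witness(a, b, m, n):
    """Split 1 = (a + b)**r into u + v with a**m | u and b**n | v.

    Assumes a + b == 1 and m, n >= 1; uses the exponent r = m + n - 1.
    """
    if a + b != 1:
        raise ValueError("need a + b == 1")
    r = m + n - 1
    u = 0  # collects the terms a**(r-i) * b**i with r - i >= m
    v = 0  # collects the remaining terms, which all have i >= n
    for i in range(r + 1):
        term = comb(r, i) * a ** (r - i) * b ** i
        if r - i >= m:
            u += term
        else:
            v += term
    return u, v
```

For instance, `coprime_power_witness(3, -2, 2, 3)` returns a pair whose sum is 1, with first entry divisible by $3^2$ and second entry divisible by $2^3$, which exhibits $(3)^2 + (2)^3 = \mathbb{Z}$.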

If $\mathfrak{p}$ and $\mathfrak{p}'$ are distinct prime ideals of a Dedekind domain, then condition (c) of the
definition implies that $\mathfrak{p}$ and $\mathfrak{p}'$ are relatively prime, and the lemma shows that $\mathfrak{p}^m$ and
$\mathfrak{p}'^n$ are also relatively prime for all $m, n \ge 1$.

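Lemma 3.10 Let $\mathfrak{p}$ be a maximal ideal of an integral domain $A$, and let $\mathfrak{q}$ be the ideal it
generates in $A_{\mathfrak{p}}$, $\mathfrak{q} = \mathfrak{p}A_{\mathfrak{p}}$. The map

$$a + \mathfrak{p}^m \mapsto a + \mathfrak{q}^m \colon A/\mathfrak{p}^m \to A_{\mathfrak{p}}/\mathfrak{q}^m$$

is an isomorphism for all $m \in \mathbb{N}$.

PROOF. We first show that the map is one-to-one. For this we have to show that
$\mathfrak{q}^m \cap A = \mathfrak{p}^m$. But $\mathfrak{q}^m = S^{-1}\mathfrak{p}^m$, $S = A - \mathfrak{p}$, and so we have to show that
$\mathfrak{p}^m = (S^{-1}\mathfrak{p}^m) \cap A$. An element of $(S^{-1}\mathfrak{p}^m) \cap A$ can be written $a = b/s$ with
$b \in \mathfrak{p}^m$, $s \in S$, and $a \in A$. Then $sa \in \mathfrak{p}^m$, and so $sa = 0$ in $A/\mathfrak{p}^m$. The only maximal
ideal containing $\mathfrak{p}^m$ is $\mathfrak{p}$ (because $\mathfrak{m} \supset \mathfrak{p}^m \Rightarrow \mathfrak{m} \supset \mathfrak{p}$),
and so the only maximal ideal in $A/\mathfrak{p}^m$ is $\mathfrak{p}/\mathfrak{p}^m$; in particular, $A/\mathfrak{p}^m$ is a local ring. As
$s + \mathfrak{p}^m$ is not in $\mathfrak{p}/\mathfrak{p}^m$, it is a unit in $A/\mathfrak{p}^m$, and so $sa = 0$ in $A/\mathfrak{p}^m$ implies $a = 0$ in
$A/\mathfrak{p}^m$, i.e., $a \in \mathfrak{p}^m$.

We now prove that the map is surjective. Let $\frac{a}{s} \in A_{\mathfrak{p}}$. Because $s \notin \mathfrak{p}$ and $\mathfrak{p}$ is maximal,
we have that $(s) + \mathfrak{p} = A$, i.e., $(s)$ and $\mathfrak{p}$ are relatively prime. Therefore $(s)$ and $\mathfrak{p}^m$ are
relatively prime, and so there exist $b \in A$ and $q \in \mathfrak{p}^m$ such that $bs + q = 1$. Then $b$ maps to
$s^{-1}$ in $A_{\mathfrak{p}}/\mathfrak{q}^m$ and so $ba$ maps to $\frac{a}{s}$. More precisely: because $s$ is invertible in
$A_{\mathfrak{p}}/\mathfrak{q}^m$, $\frac{a}{s}$ is the unique element of this ring such that $s \cdot \frac{a}{s} = a$; since
$s(ba) = a(1 - q)$, the image of $ba$ in $A_{\mathfrak{p}}/\mathfrak{q}^m$ also has this property and therefore equals $\frac{a}{s}$. □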

Remark 3.11 With the notations of Proposition 1.11, we have shown in the above proof
that $\mathfrak{a}^{ec} = \mathfrak{a}$ if $\mathfrak{a}$ is a power of a maximal ideal $\mathfrak{p}$ and $S = A \smallsetminus \mathfrak{p}$.


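We now prove that a nonzero ideal $\mathfrak{a}$ of $A$ can be factored into a product of prime ideals.
According to 3.8 applied to $A$, the ideal $\mathfrak{a}$ contains a product of nonzero prime ideals,

$$\mathfrak{b} = \mathfrak{p}_1^{r_1} \cdots \mathfrak{p}_m^{r_m}.$$

We may suppose that the $\mathfrak{p}_i$ are distinct. Then

$$A/\mathfrak{b} \simeq A/\mathfrak{p}_1^{r_1} \times \cdots \times A/\mathfrak{p}_m^{r_m} \simeq A_{\mathfrak{p}_1}/\mathfrak{q}_1^{r_1} \times \cdots \times A_{\mathfrak{p}_m}/\mathfrak{q}_m^{r_m}$$

where $\mathfrak{q}_i = \mathfrak{p}_i A_{\mathfrak{p}_i}$ is the maximal ideal of $A_{\mathfrak{p}_i}$. The first isomorphism is given by the
Chinese Remainder Theorem (and 3.9), and the second is given by (3.10). Under this isomorphism,
$\mathfrak{a}/\mathfrak{b}$ corresponds to $\mathfrak{q}_1^{s_1}/\mathfrak{q}_1^{r_1} \times \cdots \times \mathfrak{q}_m^{s_m}/\mathfrak{q}_m^{r_m}$ for some $s_i \le r_i$ (recall
that the rings $A_{\mathfrak{p}_i}$ are all discrete valuation rings). Since this ideal is also the image of
$\mathfrak{p}_1^{s_1} \cdots \mathfrak{p}_m^{s_m}$ under the isomorphism, we see that

$$\mathfrak{a} = \mathfrak{p}_1^{s_1} \cdots \mathfrak{p}_m^{s_m} \quad \text{in } A/\mathfrak{b}.$$

Both of these ideals contain $\mathfrak{b}$, and so this implies that

$$\mathfrak{a} = \mathfrak{p}_1^{s_1} \cdots \mathfrak{p}_m^{s_m}$$

in $A$ (because there is a one-to-one correspondence between the ideals of $A/\mathfrak{b}$ and the ideals
of $A$ containing $\mathfrak{b}$).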

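To complete the proof of Theorem 3.7, we have to prove that the above factorization is
unique. Suppose that we have two factorizations of the ideal $\mathfrak{a}$. After adding factors with
zero exponent, we may suppose that the same primes occur in each factorization, so that

$$\mathfrak{p}_1^{s_1} \cdots \mathfrak{p}_m^{s_m} = \mathfrak{a} = \mathfrak{p}_1^{t_1} \cdots \mathfrak{p}_m^{t_m}$$

say. In the course of the above proof, we showed that

$$\mathfrak{q}_i^{s_i} = \mathfrak{a}A_{\mathfrak{p}_i} = \mathfrak{q}_i^{t_i}$$

where $\mathfrak{q}_i$ is the maximal ideal in $A_{\mathfrak{p}_i}$. Therefore $s_i = t_i$ for all $i$.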

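Remark 3.12 Note that

$$s_i > 0 \iff \mathfrak{a}A_{\mathfrak{p}_i} \ne A_{\mathfrak{p}_i} \iff \mathfrak{a} \subset \mathfrak{p}_i.$$

Corollary 3.13 Let $\mathfrak{a}$ and $\mathfrak{b}$ be ideals in $A$; then

$$\mathfrak{a} \subset \mathfrak{b} \iff \mathfrak{a}A_{\mathfrak{p}} \subset \mathfrak{b}A_{\mathfrak{p}}$$

for all nonzero prime ideals $\mathfrak{p}$ of $A$. In particular, $\mathfrak{a} = \mathfrak{b}$ if and only if
$\mathfrak{a}A_{\mathfrak{p}} = \mathfrak{b}A_{\mathfrak{p}}$ for all $\mathfrak{p}$.

PROOF. The necessity is obvious. For the sufficiency, factor $\mathfrak{a}$ and $\mathfrak{b}$:

$$\mathfrak{a} = \mathfrak{p}_1^{r_1} \cdots \mathfrak{p}_m^{r_m}, \quad \mathfrak{b} = \mathfrak{p}_1^{s_1} \cdots \mathfrak{p}_m^{s_m}, \quad r_i, s_i \ge 0.$$

Then

$$\mathfrak{a}A_{\mathfrak{p}_i} \subset \mathfrak{b}A_{\mathfrak{p}_i} \iff r_i \ge s_i$$

(recall that $A_{\mathfrak{p}_i}$ is a discrete valuation ring), and $r_i \ge s_i$ for all $i$ implies $\mathfrak{a} \subset \mathfrak{b}$. □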


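Remark: Let $\mathfrak{a} = \mathfrak{p}_1^{s_1} \cdots \mathfrak{p}_m^{s_m}$ and $\mathfrak{b} = \mathfrak{p}_1^{t_1} \cdots \mathfrak{p}_m^{t_m}$ with $s_i, t_i \ge 0$. Then

$$\mathfrak{a} \mid \mathfrak{b} \iff s_i \le t_i \text{ all } i \iff \mathfrak{p}_i^{s_i}A_{\mathfrak{p}_i} \supset \mathfrak{p}_i^{t_i}A_{\mathfrak{p}_i} \text{ all } i \overset{3.13}{\iff} \mathfrak{a} \supset \mathfrak{b}.$$

In the terminology of the introduction, this says that an ideal factor $\mathfrak{a}$ divides an ideal factor
$\mathfrak{b}$ if and only if it divides a larger set of numbers.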

Corollary 3.14 Let $A$ be an integral domain with only finitely many prime ideals; then
$A$ is a Dedekind domain if and only if it is a principal ideal domain.

PROOF. Assume $A$ is a Dedekind domain. After (3.7), to show that $A$ is principal, it suffices
to show that the prime ideals are principal. Let $\mathfrak{p}_1, \ldots, \mathfrak{p}_m$ be these ideals. Choose an
element $x_1 \in \mathfrak{p}_1 - \mathfrak{p}_1^2$. According to the Chinese Remainder Theorem (1.14), there is an
element $x \in A$ such that

$$x \equiv x_1 \bmod \mathfrak{p}_1^2, \quad x \equiv 1 \bmod \mathfrak{p}_i, \quad i \ne 1.$$

Now the ideals $\mathfrak{p}_1$ and $(x)$ generate the same ideals in $A_{\mathfrak{p}_i}$ for all $i$, and so they are equal in
$A$ (by 3.13). □


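Corollary 3.15 Let $\mathfrak{a} \supset \mathfrak{b} \ne 0$ be two ideals in a Dedekind domain; then
$\mathfrak{a} = \mathfrak{b} + (a)$ for some $a \in A$.

PROOF. Let $\mathfrak{b} = \mathfrak{p}_1^{r_1} \cdots \mathfrak{p}_m^{r_m}$ and $\mathfrak{a} = \mathfrak{p}_1^{s_1} \cdots \mathfrak{p}_m^{s_m}$ with $r_i, s_i \ge 0$. Because
$\mathfrak{b} \subset \mathfrak{a}$, $s_i \le r_i$ for all $i$. For $1 \le i \le m$, choose an $x_i \in A$ such that
$x_i \in \mathfrak{p}_i^{s_i}$, $x_i \notin \mathfrak{p}_i^{s_i + 1}$. By the Chinese Remainder Theorem, there is an $a \in A$ such that

$$a \equiv x_i \bmod \mathfrak{p}_i^{s_i + 1}, \quad \text{for all } i.$$

Now one sees that $\mathfrak{b} + (a) = \mathfrak{a}$ by looking at the ideals they generate in $A_{\mathfrak{p}}$ for all $\mathfrak{p}$. □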

Corollary 3.16 Let $\mathfrak{a}$ be an ideal in a Dedekind domain, and let $a$ be any nonzero
element of $\mathfrak{a}$; then there exists a $b \in \mathfrak{a}$ such that $\mathfrak{a} = (a, b)$.

PROOF. Apply (3.15) to $\mathfrak{a} \supset (a)$. □


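Corollary 3.17 Let $\mathfrak{a}$ be a nonzero ideal in a Dedekind domain; then there exists a
nonzero ideal $\mathfrak{a}^*$ in $A$ such that $\mathfrak{a}\mathfrak{a}^*$ is principal. Moreover, $\mathfrak{a}^*$ can be chosen to be
relatively prime to any particular ideal $\mathfrak{c}$, and it can be chosen so that $\mathfrak{a}\mathfrak{a}^* = (a)$ with $a$ any
particular element of $\mathfrak{a}$ (but not both).

PROOF. Let $a \in \mathfrak{a}$, $a \ne 0$; then $\mathfrak{a} \supset (a)$, and so we have

$$(a) = \mathfrak{p}_1^{r_1} \cdots \mathfrak{p}_m^{r_m} \quad \text{and} \quad \mathfrak{a} = \mathfrak{p}_1^{s_1} \cdots \mathfrak{p}_m^{s_m}, \quad s_i \le r_i.$$

If $\mathfrak{a}^* = \mathfrak{p}_1^{r_1 - s_1} \cdots \mathfrak{p}_m^{r_m - s_m}$, then $\mathfrak{a}\mathfrak{a}^* = (a)$.

We now show that $\mathfrak{a}^*$ can be chosen to be prime to $\mathfrak{c}$. We have $\mathfrak{a} \supset \mathfrak{a}\mathfrak{c}$, and so (by 3.15)
there exists an $a \in \mathfrak{a}$ such that $\mathfrak{a} = \mathfrak{a}\mathfrak{c} + (a)$. As $\mathfrak{a} \supset (a)$, we have $(a) = \mathfrak{a} \cdot \mathfrak{a}^*$ for
some ideal $\mathfrak{a}^*$ (by the above argument); now, $\mathfrak{a}\mathfrak{c} + \mathfrak{a}\mathfrak{a}^* = \mathfrak{a}$, and so $\mathfrak{c} + \mathfrak{a}^* = A$.
(Otherwise $\mathfrak{c} + \mathfrak{a}^* \subset \mathfrak{p}$ for some prime ideal $\mathfrak{p}$, and
$\mathfrak{a}\mathfrak{c} + \mathfrak{a}\mathfrak{a}^* = \mathfrak{a}(\mathfrak{c} + \mathfrak{a}^*) \subset \mathfrak{a}\mathfrak{p} \ne \mathfrak{a}$.) □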

In basic graduate algebra courses, it is shown that 

$A$ a principal ideal domain $\Rightarrow$ $A$ is a unique factorization domain.

The converse is false because, for example, $k[X, Y]$ is a unique factorization domain in
which the ideal $(X, Y)$ is not principal, but it is true for Dedekind domains.

Proposition 3.18 A Dedekind domain that is a unique factorization domain is a principal
ideal domain.

PROOF. In a unique factorization domain, an irreducible element $\pi$ can divide a product
$bc$ only if $\pi$ divides $b$ or $c$ (write $bc = \pi q$ and express each of $b$, $c$, and $q$ as a product of
irreducible elements). This means that $(\pi)$ is a prime ideal.

Now let $A$ be a Dedekind domain with unique factorization. It suffices to show that each
nonzero prime ideal $\mathfrak{p}$ of $A$ is principal. Let $a$ be a nonzero element of $\mathfrak{p}$. Then $a$ factors into
a product of irreducible elements (see 1.4) and, because $\mathfrak{p}$ is prime, it will contain one of
these irreducible factors $\pi$. Now $\mathfrak{p} \supset (\pi) \supset (0)$, and, because $(\pi)$ is a nonzero prime ideal,
it is maximal, and so equals $\mathfrak{p}$. □


The ideal class group 

Let $A$ be a Dedekind domain with field of fractions $K$. A fractional ideal of $A$ is a nonzero
$A$-submodule $\mathfrak{a}$ of $K$ such that

$$d\mathfrak{a} = \{da \mid a \in \mathfrak{a}\}$$

is contained in $A$ for some nonzero $d \in A$ (or $K$), i.e., it is a nonzero $A$-submodule of $K$
whose elements have a common denominator. Note that a fractional ideal is not an ideal
unless it is contained in $A$; when necessary to avoid confusion, we refer to the ideals in $A$
as integral ideals.

A fractional ideal $\mathfrak{a}$ is a finitely generated $A$-module, because $d\mathfrak{a}$ is an integral ideal,
hence finitely generated, for some $d \ne 0$, and the map $x \mapsto dx \colon \mathfrak{a} \to d\mathfrak{a}$ is an isomorphism
of $A$-modules. Conversely, a nonzero finitely generated $A$-submodule of $K$ is a fractional
ideal, because a common denominator for the generators will be a common denominator for
all the elements of the module.

Every nonzero element $b$ of $K$ defines a fractional ideal

$$(b) = bA = \{ba \mid a \in A\}.$$

A fractional ideal of this type is said to be principal.

The product of two fractional ideals is defined in the same way as for (integral) ideals:

$$\mathfrak{a} \cdot \mathfrak{b} = \Big\{\sum a_i b_i \;\Big|\; a_i \in \mathfrak{a},\ b_i \in \mathfrak{b}\Big\}.$$

This is again a fractional ideal: it is obviously an $A$-module, and if $d\mathfrak{a} \subset A$ and $e\mathfrak{b} \subset A$, then
$de\,\mathfrak{a}\mathfrak{b} \subset A$. For principal fractional ideals, $(a)(b) = (ab)$.

Example 3.19 Let $A$ be a discrete valuation ring with maximal ideal $\mathfrak{p}$ and field of fractions
$K$. Write $\pi$ for a generator of $\mathfrak{p}$. Every nonzero element of $K$ can be written uniquely in the
form $a = u\pi^m$ with $u$ a unit in $A$ and $m \in \mathbb{Z}$. Let $\mathfrak{a}$ be a fractional ideal of $A$. Then
$d\mathfrak{a} \subset A$ for some $d \in A$, and we can suppose $d = \pi^n$. Thus $\pi^n\mathfrak{a}$ is an ideal in $A$, and so it
is of the form $(\pi^m)$ for some $m \ge 0$. Clearly, $\mathfrak{a} = (\pi^{m-n})$. Thus the fractional ideals of $A$ are
of the form $(\pi^m)$, $m \in \mathbb{Z}$. They form a free abelian group $\mathrm{Id}(A)$ of rank 1, and the map

$$m \mapsto (\pi^m) \colon \mathbb{Z} \to \mathrm{Id}(A)$$

is an isomorphism.

Theorem 3.20 Let $A$ be a Dedekind domain. The set $\mathrm{Id}(A)$ of fractional ideals is a group;
in fact, it is the free abelian group on the set of nonzero prime ideals.

PROOF. We have noted that the law of composition is well-defined. It is obviously
commutative. For associativity, one checks that

$$(\mathfrak{a}\mathfrak{b})\mathfrak{c} = \Big\{\sum a_i b_i c_i \;\Big|\; a_i \in \mathfrak{a},\ b_i \in \mathfrak{b},\ c_i \in \mathfrak{c}\Big\} = \mathfrak{a}(\mathfrak{b}\mathfrak{c}).$$

The ring $A$ plays the role of an identity element: $\mathfrak{a}A = \mathfrak{a}$. In order to show that $\mathrm{Id}(A)$ is a
group, it remains to show that inverses exist.

Let $\mathfrak{a}$ be a nonzero integral ideal. According to (3.17), there is an ideal $\mathfrak{a}^*$ and an $a \in A$
such that $\mathfrak{a}\mathfrak{a}^* = (a)$. Clearly $\mathfrak{a} \cdot (a^{-1}\mathfrak{a}^*) = A$, and so $a^{-1}\mathfrak{a}^*$ is an inverse of $\mathfrak{a}$. If $\mathfrak{a}$ is a
fractional ideal, then $d\mathfrak{a}$ is an integral ideal for some $d$, and $d \cdot (d\mathfrak{a})^{-1}$ will be an inverse
for $\mathfrak{a}$.

It remains to show that the group $\mathrm{Id}(A)$ is freely generated by the prime ideals, i.e., that
each fractional ideal can be expressed in a unique way as a product of powers of prime ideals.
Let $\mathfrak{a}$ be a fractional ideal. Then $d\mathfrak{a}$ is an integral ideal for some $d \in A$, and we can write

$$d\mathfrak{a} = \mathfrak{p}_1^{r_1} \cdots \mathfrak{p}_m^{r_m}, \quad (d) = \mathfrak{p}_1^{s_1} \cdots \mathfrak{p}_m^{s_m}.$$

Thus $\mathfrak{a} = \mathfrak{p}_1^{r_1 - s_1} \cdots \mathfrak{p}_m^{r_m - s_m}$. The uniqueness follows from the uniqueness of the
factorization for integral ideals. □
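For $A = \mathbb{Z}$ the theorem can be made concrete: every fractional ideal is $(c)$ for a nonzero rational $c$, and it corresponds to a vector of integer exponents indexed by the primes. The following is a minimal sketch under that assumption; the helper names `exponents` and `multiply` are ours and purely illustrative.

```python
from fractions import Fraction
from collections import Counter


def exponents(c):
    """Exponent vector {p: e} of the fractional ideal (c) of Z, for a nonzero rational c."""
    c = Fraction(c)
    if c == 0:
        raise ValueError("the zero module is not a fractional ideal")
    exps = Counter()
    # Primes in the numerator get positive exponents, those in the denominator negative ones.
    for n, sign in ((abs(c.numerator), 1), (c.denominator, -1)):
        p = 2
        while n > 1:
            while n % p == 0:
                exps[p] += sign
                n //= p
            p += 1
    return {p: e for p, e in exps.items() if e != 0}


def multiply(e1, e2):
    """Product of two fractional ideals given by exponent vectors: exponents add."""
    total = Counter(e1)
    for p, e in e2.items():
        total[p] += e
    return {p: e for p, e in total.items() if e != 0}
```

With these helpers, `multiply(exponents(a), exponents(b))` agrees with `exponents(a * b)`, and the inverse of an ideal is obtained by negating its exponent vector, which is exactly the group structure of a free abelian group on the primes.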

Remark 3.21 (a) Conversely, E. Noether showed that an integral domain whose fractional
ideals form a group under ideal multiplication is a Dedekind domain (see Cohn 1991,
Theorem 4.6).

(b) Let $S$ be a multiplicative subset in a Dedekind domain $A$, and let $A_S = S^{-1}A$. It is
an integral domain with the same field of fractions as $A$:

$$A \subset A_S \subset K.$$

For any fractional ideal $\mathfrak{a}$ of $A$, $S^{-1}\mathfrak{a} = \{\frac{a}{s} \mid a \in \mathfrak{a},\ s \in S\}$ is a fractional ideal of $A_S$.
It is the $A_S$-module generated by $\mathfrak{a}$. The following hold for all fractional ideals $\mathfrak{a}$ and $\mathfrak{b}$:

$$S^{-1}(\mathfrak{a}\mathfrak{b}) = (S^{-1}\mathfrak{a})(S^{-1}\mathfrak{b}), \quad S^{-1}\mathfrak{a}^{-1} = (\mathfrak{a}A_S)^{-1}.$$





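(c) Here is a more direct proof, not using (3.17), that inverses exist in $\mathrm{Id}(A)$. For any
fractional ideal $\mathfrak{a}$, define

$$\mathfrak{a}' = \{a \in K \mid a\mathfrak{a} \subset A\}.$$

This is an $A$-module, and if $d \in \mathfrak{a}$, $d \ne 0$, then $d\mathfrak{a}' \subset A$, and so $\mathfrak{a}'$ is a fractional ideal. From
the definition of $\mathfrak{a}'$, we see that $\mathfrak{a}\mathfrak{a}'$ is an ideal in $A$. If it is not equal to $A$, then it is contained
in some prime ideal $\mathfrak{p}$. When we pass to $A_{\mathfrak{p}}$, the inclusion $\mathfrak{a}\mathfrak{a}' \subset \mathfrak{p}$ becomes $\mathfrak{b}\mathfrak{b}' \subset \mathfrak{q}$, where
$\mathfrak{b}$, $\mathfrak{b}'$, and $\mathfrak{q}$ are the ideals in $A_{\mathfrak{p}}$ generated by $\mathfrak{a}$, $\mathfrak{a}'$, and $\mathfrak{p}$. Moreover,

$$\mathfrak{b}' = \{a \in K \mid a\mathfrak{b} \subset A_{\mathfrak{p}}\}.$$

But $\mathfrak{q} = (\pi)$, and $\mathfrak{b} = (\pi^m) = \pi^m \cdot A_{\mathfrak{p}}$ for some $m \in \mathbb{Z}$. Clearly $\mathfrak{b}' = \pi^{-m}A_{\mathfrak{p}}$, and so
$\mathfrak{b}\mathfrak{b}' = A_{\mathfrak{p}}$, which is a contradiction.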

We define the ideal class group $\mathrm{Cl}(A)$ of $A$ to be the quotient $\mathrm{Cl}(A) = \mathrm{Id}(A)/\mathrm{P}(A)$ of
$\mathrm{Id}(A)$ by the subgroup of principal ideals. The class number of $A$ is the order of $\mathrm{Cl}(A)$
(when finite). In the case that $A$ is the ring of integers $\mathcal{O}_K$ in a number field $K$, we often
refer to $\mathrm{Cl}(\mathcal{O}_K)$ as the ideal class group of $K$, and its order as the class number of $K$.

One of the main theorems of these notes will be that the class number $h_K$ of a number
field $K$ is finite. Understanding how the class numbers of number fields vary remains an
interesting problem. For example, the class number of $\mathbb{Q}[\sqrt{-m}]$ for $m$ positive and
square-free is 1 if and only if $m = 1, 2, 3, 7, 11, 19, 43, 67, 163$. It is not difficult to show that
these fields have class number 1, but it was not until 1952 that it was shown (by Heegner) that
there were no more (and for more than 15 years, no one believed Heegner's proof to be
correct). We have seen that $\mathbb{Z}[\sqrt{-5}]$ is not a principal ideal domain, and so can't have class
number 1; in fact it has class number 2. The method we use to prove that the class number
is finite is effective: it provides an algorithm for computing it. There are expected to be an
infinite number of real quadratic fields with class number one, but this has not been proved.
Using the equivalent language of binary quadratic forms (see Chapter 4), Gauss showed that
the class group of a quadratic field $\mathbb{Q}[\sqrt{d}]$ can have arbitrarily many cyclic factors of even
order.
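The class numbers quoted above can be checked by machine. The sketch below is not the method of these notes (which goes through a bound on ideal norms); it assumes instead the classical fact, in the language of binary quadratic forms, that the class number of an imaginary quadratic field equals the number of reduced primitive forms $ax^2 + bxy + cy^2$ whose discriminant $b^2 - 4ac$ is the field discriminant. The function names are ours.

```python
from math import gcd


def disc_imaginary(m):
    """Discriminant of Q(sqrt(-m)) for a squarefree integer m > 0."""
    return -m if m % 4 == 3 else -4 * m


def class_number(D):
    """Number of reduced primitive forms (a, b, c) with b*b - 4*a*c == D, for D < 0.

    Reduced means -a < b <= a <= c, with b >= 0 whenever a == c.
    """
    h = 0
    a = 1
    while 3 * a * a <= -D:  # a reduced form satisfies 3*a*a <= |D|
        for b in range(-a + 1, a + 1):
            num = b * b - D
            if num % (4 * a) != 0:
                continue
            c = num // (4 * a)
            if c < a or (a == c and b < 0):
                continue
            if gcd(gcd(a, abs(b)), c) == 1:
                h += 1
        a += 1
    return h
```

For example, `class_number(disc_imaginary(5))` counts the two reduced forms $x^2 + 5y^2$ and $2x^2 + 2xy + 3y^2$ of discriminant $-20$, in agreement with the class number 2 of $\mathbb{Q}[\sqrt{-5}]$.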

It is known that every abelian group can be realized as the class group of a Dedekind
domain (not necessarily the ring of integers in a number field).¹

Example 3.22 Consider the affine elliptic curve

$$Y^2 = X^3 + aX + b, \quad \Delta = -4a^3 - 27b^2 \ne 0.$$

The associated ring $A = \mathbb{C}[X, Y]/(Y^2 - X^3 - aX - b)$ of regular functions on the curve is a
Dedekind domain, and its class group is uncountable. In fact, it is isomorphic in a natural
way to $\mathbb{C}/\Lambda$ for some lattice $\Lambda$ in $\mathbb{C}$.²

Proposition 3.23 Let $A$ be a Dedekind domain, and let $S$ be a multiplicative set in $A$.
Then $\mathfrak{a} \mapsto S^{-1}\mathfrak{a}$ defines an isomorphism from the subgroup of $\mathrm{Id}(A)$ generated by prime
ideals not meeting $S$ to the group $\mathrm{Id}(S^{-1}A)$.

PROOF. Immediate consequence of 1.12 and 3.20. □

¹ Claborn, Luther. Every abelian group is a class group. Pacific J. Math. 18 (1966), 219-222.

² Let $E$ be the associated complete curve, and let $\mathrm{Div}^0(E)$ be the group of divisors of degree zero on $E$.
There is an obvious isomorphism $\mathrm{Div}^0(E) \simeq \mathrm{Id}(A)$ under which principal divisors correspond to principal
ideals, and so

$$\mathrm{Cl}(A) \simeq \mathrm{Pic}^0(E) \simeq E(\mathbb{C}) \simeq \mathbb{C}/\Lambda$$

(Milne 2006, I 4.10, III 3.10).

Remark 3.24 Let $A$ be a Dedekind domain with finite ideal class group. There is then a
finite set of ideals $\mathfrak{a}_1, \ldots, \mathfrak{a}_m$ which is a set of representatives for the ideal classes. Clearly
we may take the $\mathfrak{a}_i$ to be integral. Let $b$ be any nonzero element of $\bigcap \mathfrak{a}_i$, and let $S$ be the
multiplicative set generated by $b$, $S = \{1, b, b^2, \ldots\}$. I claim that $S^{-1}A$ is a principal ideal
domain.

By assumption, every ideal $\mathfrak{a} \subset A$ can be written $\mathfrak{a} = (a) \cdot \mathfrak{a}_i$ for some $a \in K^\times$ and $i$,
$1 \le i \le m$. Because the map $\mathfrak{b} \mapsto S^{-1}\mathfrak{b}$ is a homomorphism, we have $S^{-1}\mathfrak{a} = (a) \cdot S^{-1}\mathfrak{a}_i$,
where $(a)$ now denotes the ideal generated by $a$ in $S^{-1}A$. Since $S^{-1}\mathfrak{a}_i$ contains a unit, it is
the whole ring. Thus $S^{-1}\mathfrak{a} = (a)$, and we see that every ideal in $S^{-1}A$ of the form $S^{-1}\mathfrak{a}$ is
principal. According to (1.11), all ideals of $S^{-1}A$ are of this form.

Remark 3.25 The following conditions on an integral domain $A$ are equivalent:

(a) $A$ is a Dedekind domain;

(b) $A$ is noetherian and, for every nonzero prime ideal $\mathfrak{p}$ of $A$, $A_{\mathfrak{p}}$ is a discrete valuation ring;

(c) the fractional ideals of $A$ form a group;

(d) for every fractional ideal $\mathfrak{a}$ of $A$, there is an ideal $\mathfrak{b}$ such that $\mathfrak{a}\mathfrak{b} = A$.

We have seen that (a) implies (b), (c), and (d), and the same arguments show that (b)
implies (c) and (d). The conditions (c) and (d) are obviously equivalent, and we have already
noted in (3.21) that (c) implies (a).


Discrete valuations 

Let $K$ be a field. A discrete valuation on $K$ is a nonzero homomorphism $v \colon K^\times \to \mathbb{Z}$ such
that $v(a + b) \ge \min(v(a), v(b))$. As $v$ is not the zero homomorphism, its image is a nonzero
subgroup of $\mathbb{Z}$, and is therefore of the form $m\mathbb{Z}$ for some $m \in \mathbb{Z}$. If $m = 1$, then
$v \colon K^\times \to \mathbb{Z}$ is surjective, and $v$ is said to be normalized; otherwise, $x \mapsto m^{-1} \cdot v(x)$ will be
a normalized discrete valuation. We extend $v$ to a map $K \to \mathbb{Z} \cup \{\infty\}$ by setting $v(0) = \infty$,
where $\infty$ is a symbol $\ge n$ for all $n \in \mathbb{Z}$.

Note that, for a discrete valuation ord,

$$\mathrm{ord}(a_1 + \cdots + a_m) \ge \min(\mathrm{ord}(a_1), \mathrm{ord}(a_2 + \cdots + a_m)) \ge \cdots \ge \min_{1 \le i \le m}(\mathrm{ord}(a_i)). \tag{8}$$

Example 3.26 (a) Let $\mathcal{M}$ be the field of meromorphic functions on a connected open
subset $U$ of the complex plane (or, better, a compact Riemann surface), and let $f \in \mathcal{M}^\times$.
For each $P \in U$, define $\mathrm{ord}_P(f)$ to be $-m$, $m$, or $0$ according as $f$ has a pole of order $m$
at $P$, a zero of order $m$ at $P$, or neither a pole nor a zero at $P$. Then $\mathrm{ord}_P$ is a normalized
discrete valuation on $\mathcal{M}$.

(b) Let $A$ be a principal ideal domain with field of fractions $K$, and let $\pi$ be a prime
element of $A$. Then each element $c$ of $K^\times$ can be expressed uniquely in the form
$c = \pi^m \frac{a}{b}$ with $m \in \mathbb{Z}$ and $a$ and $b$ elements of $A$ relatively prime to $\pi$. Define $v(c) = m$.
Then $v$ is a normalized discrete valuation on $K$.

(c) Let $A$ be a Dedekind domain and let $\mathfrak{p}$ be a prime ideal in $A$. For any $c \in K^\times$, let
$\mathfrak{p}^{v(c)}$ be the power of $\mathfrak{p}$ in the factorization of $(c)$ (so $v(c)$ is the exponent of $\mathfrak{p}$ in the
factorization of $(c)$). Then $v$ is a normalized discrete valuation on $K$.

In all these examples, we have that $v(a + b) = v(b)$ if $v(a) > v(b)$. This is in fact a
general property of discrete valuations. First note that $v(\zeta) = 0$ for any element $\zeta$ of $K^\times$ of
finite order because $v$ is a homomorphism and $\mathbb{Z}$ has no elements of finite order; hence
$v(-a) = v(-1) + v(a) = v(a)$. Therefore, if $v(a) > v(b)$, we have

$$v(b) = v((a + b) - a) \ge \min(v(a + b), v(a)) \ge \min(v(a), v(b)) = v(b),$$

and so equality must hold throughout, and this implies $v(a + b) = v(b)$.
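To make Example 3.26(b) concrete, take $A = \mathbb{Z}$ and $\pi = p$ a prime number, so that $v$ is the usual $p$-adic valuation on $\mathbb{Q}$. The following is a minimal sketch under that assumption; the function name `ord_p` is ours.

```python
from fractions import Fraction


def ord_p(c, p):
    """Normalized p-adic valuation of a nonzero rational number c."""
    c = Fraction(c)
    if c == 0:
        raise ValueError("ord_p(0) is infinity by convention")
    num, den, m = c.numerator, c.denominator, 0
    while num % p == 0:  # each factor p in the numerator raises the valuation
        num //= p
        m += 1
    while den % p == 0:  # each factor p in the denominator lowers it
        den //= p
        m -= 1
    return m
```

With $a = 9$ and $b = 3/4$ we have $\mathrm{ord}_3(a) = 2 > 1 = \mathrm{ord}_3(b)$, and $a + b = 39/4$ again has valuation 1, as the general property predicts; the homomorphism property shows up as `ord_p(a * b, 3) == ord_p(a, 3) + ord_p(b, 3)`.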

We often use "ord" rather than "$v$" to denote a discrete valuation; for example, we often
use $\mathrm{ord}_{\mathfrak{p}}$ to denote the normalized discrete valuation defined by $\mathfrak{p}$ in (c).

Example (b) shows that every discrete valuation ring gives rise to a discrete valuation on 
its field of fractions. There is a converse to this statement. 

Proposition 3.27 Let $v$ be a discrete valuation on $K$; then

$$A = \{a \in K \mid v(a) \ge 0\}$$

is a principal ideal domain with maximal ideal

$$\mathfrak{m} = \{a \in K \mid v(a) > 0\}.$$

If $v(K^\times) = m\mathbb{Z}$, then the ideal $\mathfrak{m}$ is generated by every element $\pi$ such that $v(\pi) = m$.

PROOF. Routine. □

Later we shall see that a discrete valuation ord defines a topology on K for which two 
elements x and y are close if ord(x — y) is large. The Chinese Remainder Theorem can be 
restated as an approximation theorem. 

Proposition 3.28 Let $x_1, \ldots, x_m$ be elements of a Dedekind domain $A$, and let $\mathfrak{p}_1, \ldots, \mathfrak{p}_m$
be distinct prime ideals of $A$. For every integer $n$, there is an $x \in A$ such that

$$\mathrm{ord}_{\mathfrak{p}_i}(x - x_i) > n, \quad i = 1, 2, \ldots, m.$$

PROOF. From (3.9) we know that the ideals $\mathfrak{p}_i^{n+1}$ are relatively prime in pairs, and so (1.14)
provides us with an element $x \in A$ such that

$$x \equiv x_i \bmod \mathfrak{p}_i^{n+1}, \quad i = 1, 2, \ldots, m,$$

i.e., such that

$$\mathrm{ord}_{\mathfrak{p}_i}(x - x_i) > n, \quad i = 1, 2, \ldots, m. \qquad □$$
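For $A = \mathbb{Z}$ the proof is an explicit recipe. The following is a minimal sketch, assuming the $\mathfrak{p}_i$ are generated by distinct prime numbers and $n \ge 0$; the function name `approximate` is ours, and the modular inverse via three-argument `pow` assumes Python 3.8 or later.

```python
def approximate(xs, primes, n):
    """Return x with x = xs[i] mod primes[i]**(n + 1) for every i (distinct primes, n >= 0)."""
    moduli = [p ** (n + 1) for p in primes]
    M = 1
    for q in moduli:
        M *= q
    x = 0
    for xi, q in zip(xs, moduli):
        Mi = M // q  # divisible by every modulus except q
        # Mi * pow(Mi, -1, q) is 1 mod q and 0 mod the other moduli
        x += xi * Mi * pow(Mi, -1, q)
    return x % M
```

For example, `approximate([1, 2, 3], [2, 3, 5], 2)` returns an integer that is simultaneously close to 1 in the 2-adic sense, to 2 in the 3-adic sense, and to 3 in the 5-adic sense, each to order greater than 2.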


Integral closures of Dedekind domains 

We now prove a result that implies that rings of integers in number fields are Dedekind 
domains, and hence that their ideals factor uniquely into products of prime ideals. 

Theorem 3.29 Let $A$ be a Dedekind domain with field of fractions $K$, and let $B$ be the
integral closure of $A$ in a finite separable extension $L$ of $K$. Then $B$ is a Dedekind domain.

PROOF. We have to check the three conditions in the definition of a Dedekind domain (see
3.3). We first show that $B$ is Noetherian. In (2.29) we showed that $B$ is contained in a finitely
generated $A$-module. It follows that every ideal in $B$ is finitely generated when regarded
as an $A$-module (being a submodule of a Noetherian $A$-module) and a fortiori as an ideal
(= $B$-module). Next, $B$ is integrally closed because of (2.16). It remains to prove that every
nonzero prime ideal $\mathfrak{q}$ of $B$ is maximal. Let $\beta \in \mathfrak{q}$, $\beta \ne 0$. Then $\beta$ is integral over $A$, and so
there is an equation

$$\beta^n + a_1\beta^{n-1} + \cdots + a_n = 0, \quad a_i \in A,$$

which we may suppose to have the minimum possible degree. Then $a_n \ne 0$. As
$a_n \in \beta B \cap A$, we have that $\mathfrak{q} \cap A \ne (0)$. But $\mathfrak{q} \cap A$ is a prime ideal (obviously), and so it
is a maximal ideal $\mathfrak{p}$ of $A$, and $A/\mathfrak{p}$ is a field. We know $B/\mathfrak{q}$ is an integral domain, and the map

$$a + \mathfrak{p} \mapsto a + \mathfrak{q}$$

identifies $A/\mathfrak{p}$ with a subfield of $B/\mathfrak{q}$. As $B$ is integral over $A$, $B/\mathfrak{q}$ is algebraic over $A/\mathfrak{p}$.
The next lemma shows that $B/\mathfrak{q}$ is a field, and hence that $\mathfrak{q}$ is maximal. □

Lemma 3.30 Every integral domain $B$ containing a field $k$ and algebraic over $k$ is itself a
field.

PROOF. Let $\beta$ be a nonzero element of $B$; we have to prove that it has an inverse in $B$.
Because $\beta$ is algebraic over $k$, the ring $k[\beta]$ is finite-dimensional as a $k$-vector space, and
the map $x \mapsto \beta x \colon k[\beta] \to k[\beta]$ is injective (because $B$ is an integral domain). From linear
algebra we deduce that the map is surjective, and so there is an element $\beta' \in k[\beta]$ such that
$\beta\beta' = 1$. □

In fact, Theorem 3.29 is true without the assumption that $L$ be separable over $K$; see
Janusz 1996, I 6.1 for a proof of the more general result. The added difficulty is that, without
the separability condition, $B$ may fail to be finitely generated as an $A$-module, and so the
proof that it is Noetherian is more difficult.


Modules over Dedekind domains (sketch). 

The structure theorem for finitely generated modules over principal ideal domains has an 
interesting extension to modules over Dedekind domains. Throughout this subsection, A is a 
Dedekind domain. 

First, note that a finitely generated torsion-free A-module M need not be free. For 
example, every fractional ideal is finitely generated and torsion-free but it is free if and only 
if it is principal. Thus the best we can hope for is the following. 

Theorem 3.31 Let $A$ be a Dedekind domain.

(a) Every finitely generated torsion-free $A$-module $M$ is isomorphic to a direct sum of
fractional ideals,

$$M \approx \mathfrak{a}_1 \oplus \cdots \oplus \mathfrak{a}_m.$$

(b) Two finitely generated torsion-free $A$-modules $M \approx \mathfrak{a}_1 \oplus \cdots \oplus \mathfrak{a}_m$ and
$N \approx \mathfrak{b}_1 \oplus \cdots \oplus \mathfrak{b}_n$ are isomorphic if and only if $m = n$ and
$\prod \mathfrak{a}_i \equiv \prod \mathfrak{b}_i$ modulo principal ideals.

Hence,

$$M \approx \mathfrak{a}_1 \oplus \cdots \oplus \mathfrak{a}_m \approx A \oplus \cdots \oplus A \oplus \mathfrak{a}_1 \cdots \mathfrak{a}_m.$$

Moreover, two fractional ideals $\mathfrak{a}$ and $\mathfrak{b}$ of $A$ are isomorphic as $A$-modules if and only if they
define the same element of the class group of $A$.

The rank of a module $M$ over an integral domain $R$ is the dimension of $K \otimes_R M$ as a
$K$-vector space, where $K$ is the field of fractions of $R$. Clearly the rank of
$M \approx \mathfrak{a}_1 \oplus \cdots \oplus \mathfrak{a}_m$ is $m$.

These remarks show that the set of isomorphism classes of finitely generated torsion-free
$A$-modules of rank 1 can be identified with the class group of $A$. Multiplication of elements
in $\mathrm{Cl}(A)$ corresponds to the formation of tensor product of modules. The Grothendieck
group of the category of finitely generated $A$-modules is $\mathrm{Cl}(A) \oplus \mathbb{Z}$.

Theorem 3.32 (Invariant factor theorem) Let $M \supset N$ be finitely generated torsion-free
$A$-modules of the same rank $m$. Then there exist elements $e_1, \ldots, e_m$ of $M$, fractional
ideals $\mathfrak{a}_1, \ldots, \mathfrak{a}_m$, and integral ideals $\mathfrak{b}_1 \supset \mathfrak{b}_2 \supset \cdots \supset \mathfrak{b}_m$ such that

$$M = \mathfrak{a}_1 e_1 \oplus \cdots \oplus \mathfrak{a}_m e_m, \quad N = \mathfrak{a}_1\mathfrak{b}_1 e_1 \oplus \cdots \oplus \mathfrak{a}_m\mathfrak{b}_m e_m.$$

The ideals $\mathfrak{b}_1, \mathfrak{b}_2, \ldots, \mathfrak{b}_m$ are uniquely determined by the pair $M \supset N$, and are called the
invariant factors of $N$ in $M$.

The last theorem also yields a description of finitely generated torsion $A$-modules.

For proofs of the above results, see Curtis and Reiner 1962, III, 22, Fröhlich and Taylor
1991, II 4, or Narkiewicz 1990, I 3.

Notes We sketch a proof of (3.31a). Let $A$ be a Dedekind domain and $\mathfrak{a}$ an ideal in $A$. According
to Corollary 3.17, $\mathfrak{a}\mathfrak{b} = (c)$ for some ideal $\mathfrak{b}$ and $c \in A$. If $\mathfrak{a} = (a_1, a_2)$, then
$c = a_1 b_1 + a_2 b_2$ with $b_1, b_2 \in \mathfrak{b}$. The surjection $(x, y) \mapsto a_1 x + a_2 y \colon A^2 \to \mathfrak{a}$ has right
inverse $a \mapsto (b_1 a/c, b_2 a/c)$, and so $\mathfrak{a}$ is a direct summand of $A^2$. Therefore, $\mathfrak{a}$ is projective
as an $A$-module.

More generally, every finitely generated torsion-free $A$-module $M$ is projective. This follows
from the fact that $A_{\mathfrak{p}} \otimes M$ is free, hence projective, for every nonzero prime ideal $\mathfrak{p}$ in $A$
(because $A_{\mathfrak{p}}$ is a principal ideal domain).

Let $M$ be a finitely generated projective $A$-module. Because $M$ is projective, there exists a
nonzero homomorphism $M \to A$. Its image is an ideal $\mathfrak{a}$ in $A$, and because $\mathfrak{a}$ is projective, there
exists a section to the map $M \twoheadrightarrow \mathfrak{a}$, and so $M \approx \mathfrak{a} \oplus M_1$ for some submodule $M_1$ of $M$.
Now $M_1$ is projective because it is a direct summand of a projective module, and so we can repeat
the argument with $M_1$. This process ends because $M$ is noetherian.

Notes The Jordan-Hölder and Krull-Schmidt theorems both fail for finitely generated projective
modules over non-principal Dedekind domains. For example, let $\mathfrak{a}$ be an ideal in $A$ having order 2 in
the class group. According to (3.31), $\mathfrak{a} \oplus \mathfrak{a} \approx A \oplus A$, which contradicts both theorems as
$\mathfrak{a} \not\approx A$.


Factorization in extensions 

Let $A$ be a Dedekind domain with field of fractions $K$, and let $B$ be the integral closure of $A$
in a finite separable extension $L$ of $K$.

A prime ideal $\mathfrak{p}$ of $A$ will factor in $B$,

$$\mathfrak{p}B = \mathfrak{P}_1^{e_1} \cdots \mathfrak{P}_g^{e_g}, \quad e_i \ge 1.$$

If any of the numbers $e_i$ is $> 1$, then we say that $\mathfrak{p}$ is ramified in $B$ (or $L$). The number
$e_i$ is called the ramification index. We say $\mathfrak{P}$ divides $\mathfrak{p}$ (written $\mathfrak{P} \mid \mathfrak{p}$) if $\mathfrak{P}$ occurs in the
factorization of $\mathfrak{p}$ in $B$. We then write $e(\mathfrak{P}/\mathfrak{p})$ for the ramification index and $f(\mathfrak{P}/\mathfrak{p})$ for
the degree of the field extension $[B/\mathfrak{P} : A/\mathfrak{p}]$ (called the residue class degree). A prime $\mathfrak{p}$ is
said to split (or split completely) in $L$ if $e_i = f_i = 1$ for all $i$, and it is said to be inert in $L$ if
$\mathfrak{p}B$ is a prime ideal (so $g = 1 = e$).

For example, $(2) = (1 + i)^2$ in $\mathbb{Z}[i]$, and so $(2)$ ramifies with ramification index 2. On
the other hand, $(3)$ is inert in $\mathbb{Q}[i]$ with residue field $\mathbb{Z}[i]/(3) = \mathbb{F}_9$, and $(5)$ splits as the
product of two prime ideals $(5) = (2 + i)(2 - i)$.
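The three behaviours in this example can be read off by machine. The sketch below relies on a fact not proved in this section: because $\mathbb{Z}[i] = \mathbb{Z}[X]/(X^2 + 1)$, the factorization of $(p)$ in $\mathbb{Z}[i]$ mirrors the factorization of $X^2 + 1$ modulo $p$. The function name `splitting_type` is ours.

```python
def splitting_type(p):
    """List of (e, f) pairs for the primes of Z[i] dividing the prime number p.

    Assumes that (p) factors in Z[i] the way X^2 + 1 factors modulo p.
    """
    roots = [x for x in range(p) if (x * x + 1) % p == 0]
    if len(roots) == 2:
        return [(1, 1), (1, 1)]  # two distinct linear factors: p splits
    if len(roots) == 1:
        return [(2, 1)]          # one repeated linear factor: p ramifies
    return [(1, 2)]              # X^2 + 1 irreducible mod p: p is inert
```

In every case the products $e_i f_i$ add up to 2, the degree of $\mathbb{Q}[i]$ over $\mathbb{Q}$.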

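Lemma 3.33 A prime ideal $\mathfrak{P}$ of $B$ divides $\mathfrak{p}$ if and only if $\mathfrak{p} = \mathfrak{P} \cap K$.

PROOF. ⇒: Clearly $\mathfrak{p} \subset \mathfrak{P} \cap K$ and $\mathfrak{P} \cap K \ne A$. As $\mathfrak{p}$ is maximal, this implies that
$\mathfrak{p} = \mathfrak{P} \cap K$.

⇐: If $\mathfrak{p} \subset \mathfrak{P}$, then $\mathfrak{p}B \subset \mathfrak{P}$, and we have seen (3.12) that this implies that $\mathfrak{P}$ occurs in
the factorization of $\mathfrak{p}B$. □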

Theorem 3.34 Let $m$ be the degree of $L$ over $K$, and let $\mathfrak{P}_1, \ldots, \mathfrak{P}_g$ be the prime ideals
dividing $\mathfrak{p}$; then

$$\sum_{i=1}^{g} e_i f_i = m. \tag{9}$$

If $L$ is Galois over $K$, then all the ramification numbers are equal, and all the residue class
degrees are equal, and so

$$efg = m. \tag{10}$$

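PROOF. To prove (9), we shall show that both sides equal $[B/\mathfrak{p}B : A/\mathfrak{p}]$.

For the equality $\sum_{i=1}^{g} e_i f_i = [B/\mathfrak{p}B : A/\mathfrak{p}]$, note that
$B/\mathfrak{p}B = B/\prod \mathfrak{P}_i^{e_i} \simeq \prod B/\mathfrak{P}_i^{e_i}$ (Chinese Remainder Theorem), and so it suffices to show
that $[B/\mathfrak{P}_i^{e_i} : A/\mathfrak{p}] = e_i f_i$. From the definition of $f_i$, we know that $B/\mathfrak{P}_i$ is a field of degree
$f_i$ over $A/\mathfrak{p}$. For each $r_i$, $\mathfrak{P}_i^{r_i}/\mathfrak{P}_i^{r_i+1}$ is a $B/\mathfrak{P}_i$-module, and because there is no ideal
between $\mathfrak{P}_i^{r_i}$ and $\mathfrak{P}_i^{r_i+1}$, it must have dimension one as a $B/\mathfrak{P}_i$-vector space, and hence
dimension $f_i$ as an $A/\mathfrak{p}$-vector space. Therefore each quotient in the chain

$$B \supset \mathfrak{P}_i \supset \mathfrak{P}_i^2 \supset \cdots \supset \mathfrak{P}_i^{e_i}$$

has dimension $f_i$ over $A/\mathfrak{p}$, and so the dimension of $B/\mathfrak{P}_i^{e_i}$ is $e_i f_i$.

The proof of the equality $[B/\mathfrak{p}B : A/\mathfrak{p}] = m$ is easy when $B$ is a free $A$-module, for
example, if $A$ is a principal ideal domain, because an isomorphism $A^n \to B$ of $A$-modules,
when tensored with $K$, gives an isomorphism $K^n \to L$, which shows that $n = m$, and, when
tensored with $A/\mathfrak{p}$, gives an isomorphism $(A/\mathfrak{p})^n \to B/\mathfrak{p}B$ (see (3), p. 22), which shows that
$n = [B/\mathfrak{p}B : A/\mathfrak{p}]$.

Now let $S$ be a multiplicative subset of $A$ disjoint from $\mathfrak{p}$ and such that $S^{-1}A$ is principal
(e.g., $S = A - \mathfrak{p}$). Write $B' = S^{-1}B$ and $A' = S^{-1}A$. Then $B'$ is the integral closure of $A'$ in
$L$ (Exercise 2-7), and $\mathfrak{p}B' = \prod (\mathfrak{P}_i B')^{e_i}$ (see 3.23). Therefore
$\sum e_i f_i = [B'/\mathfrak{p}B' : A'/\mathfrak{p}A']$; but $A'$ is principal, and so $[B'/\mathfrak{p}B' : A'/\mathfrak{p}A'] = m$. This
completes the proof of (9).

Now assume $L$ is Galois over $K$. An element $\sigma$ of $\mathrm{Gal}(L/K)$ maps $B$ isomorphically
onto itself. In particular, if $\mathfrak{P}$ is a prime ideal of $B$, then $\sigma\mathfrak{P}$ is also a prime ideal. Moreover,
if $\mathfrak{P}$ divides $\mathfrak{p}$, then it follows from (3.33) that $\sigma\mathfrak{P}$ divides $\mathfrak{p}$. Clearly
$e(\sigma\mathfrak{P}/\mathfrak{p}) = e(\mathfrak{P}/\mathfrak{p})$ and $f(\sigma\mathfrak{P}/\mathfrak{p}) = f(\mathfrak{P}/\mathfrak{p})$, and so it remains to show that
$\mathrm{Gal}(L/K)$ acts transitively on the prime ideals of $B$ dividing $\mathfrak{p}$.

Suppose $\mathfrak{P}$ and $\mathfrak{Q}$ both divide $\mathfrak{p}$, and suppose $\mathfrak{Q}$ is not conjugate to $\mathfrak{P}$, i.e., that for all
$\sigma \in \mathrm{Gal}(L/K)$, $\sigma\mathfrak{P} \ne \mathfrak{Q}$. According to the Chinese Remainder Theorem, we can find an
element $\beta$ that lies in $\mathfrak{Q}$ but not in any of the ideals $\sigma\mathfrak{P}$. Consider
$b = \mathrm{Nm}(\beta) = \prod \sigma\beta$. Then $b \in A$, and as $\beta \in \mathfrak{Q}$, it also lies in $\mathfrak{Q}$; hence
$b \in \mathfrak{Q} \cap A = \mathfrak{p}$. On the other hand, for all $\sigma \in \mathrm{Gal}(L/K)$, $\beta \notin \sigma^{-1}\mathfrak{P}$, and so
$\sigma\beta \notin \mathfrak{P}$. The fact that $\prod \sigma\beta \in \mathfrak{p} \subset \mathfrak{P}$ contradicts the primality of $\mathfrak{P}$. □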


The primes that ramify 

In this subsection, we obtain a description of the primes that ramify in an extension. 

Theorem 3.35 Let $L$ be a finite extension of a number field $K$, let $A$ be a Dedekind
domain in $K$ with field of fractions $K$ (e.g., $A = \mathcal{O}_K$), and let $B$ be the integral closure of
$A$ in $L$. Assume that $B$ is a free $A$-module (this is true for example if $A$ is a principal ideal
domain). Then a prime $\mathfrak{p}$ ramifies in $L$ if and only if $\mathfrak{p} \mid \mathrm{disc}(B/A)$. In particular, only finitely
many prime ideals ramify.

We obtain this as the consequence of a series of lemmas. 
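Before the lemmas, the statement can be tested numerically for quadratic fields over $\mathbb{Q}$. The sketch below assumes two standard facts that are not established in this section: the ring of integers of $\mathbb{Q}[\sqrt{d}]$ ($d$ squarefree) is generated by $\sqrt{d}$, or by $(1 + \sqrt{d})/2$ when $d \equiv 1 \bmod 4$, with discriminant $4d$ or $d$ respectively; and $p$ ramifies exactly when the minimal polynomial of that generator has a repeated root modulo $p$. The function names are ours.

```python
def quadratic_discriminant(d):
    """Discriminant of Q(sqrt(d)) for a squarefree integer d other than 0 and 1."""
    return d if d % 4 == 1 else 4 * d


def ramifies(d, p):
    """True if the prime p ramifies in Q(sqrt(d)), decided by factoring modulo p."""
    if d % 4 == 1:
        f = lambda x: x * x - x + (1 - d) // 4  # minimal polynomial of (1 + sqrt(d))/2
    else:
        f = lambda x: x * x - d                 # minimal polynomial of sqrt(d)
    roots = [x for x in range(p) if f(x) % p == 0]
    # A monic quadratic with exactly one root modulo p has that root repeated.
    return len(roots) == 1
```

For each squarefree $d$ tried, the primes for which `ramifies(d, p)` holds are exactly those dividing `quadratic_discriminant(d)`; for $d = -1$ this singles out $p = 2$, matching the factorization $(2) = (1 + i)^2$ in $\mathbb{Z}[i]$.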

Lemma 3.36 Let $A$ be a ring and let $B$ be a ring containing $A$ and admitting a finite basis
$\{e_1, \ldots, e_m\}$ as an $A$-module. For any ideal $\mathfrak{a}$ of $A$, $\{\bar{e}_1, \ldots, \bar{e}_m\}$ is a basis for the
$A/\mathfrak{a}$-module $B/\mathfrak{a}B$, and

$$D(\bar{e}_1, \ldots, \bar{e}_m) \equiv D(e_1, \ldots, e_m) \bmod \mathfrak{a}.$$

PROOF. As in the proof of (3.34), the isomorphism

$$(a_1, \ldots, a_m) \mapsto \sum a_i e_i \colon A^m \to B$$

gives, when tensored with $A/\mathfrak{a}$, an isomorphism

$$(a_1, \ldots, a_m) \mapsto \sum a_i \bar{e}_i \colon (A/\mathfrak{a})^m \to B/\mathfrak{a}B$$

which shows that $\bar{e}_1, \ldots, \bar{e}_m$ is a basis for $B/\mathfrak{a}B$. The second assertion is obvious from the
definitions. □

Lemma 3.37 Let $A$ be a ring and let $B_1, \ldots, B_g$ be rings containing $A$ and free of finite
rank as $A$-modules. Then

$$\mathrm{disc}\Big(\big(\prod B_i\big)/A\Big) = \prod \mathrm{disc}(B_i/A).$$

PROOF. Choose bases for each of the $B_i$ (as $A$-modules), and compute the discriminant
of $(\prod B_i)/A$ using the union of these bases. □

An element $\alpha$ of a ring is said to be nilpotent if $\alpha^m = 0$ for some $m > 1$. A ring is said
to be reduced if it has no nonzero nilpotent elements.

Recall that a field $k$ is said to be perfect if every finite extension $K/k$ is separable, and
that a field $k$ of characteristic $p \neq 0$ is perfect if and only if every element of $k$ is a $p$th power
(FT 2.16). A finite field $k$ of characteristic $p$ is perfect because the map $x \mapsto x^p : k \to k$ is
injective and hence surjective.

Lemma 3.38 Let $k$ be a perfect field, and let $B$ be a $k$-algebra of finite dimension. Then $B$
is reduced if and only if $\mathrm{disc}(B/k) \neq 0$.

PROOF. Let $\beta \neq 0$ be a nilpotent element of $B$, and choose a basis $e_1, \ldots, e_m$ for $B$ with
$e_1 = \beta$. Then $\beta e_i$ is nilpotent for all $i$, and so the $k$-linear map

$$x \mapsto \beta e_i x : B \to B$$

is nilpotent. Its matrix is also nilpotent, but a nilpotent matrix has trace zero (its minimum
polynomial, and hence its characteristic polynomial, is of the form $X^r$), and so the first row
of the matrix $(\mathrm{Tr}(e_i e_j))$ is zero. Therefore its determinant is zero.

Conversely, suppose $B$ is reduced. We first show that the intersection $\mathfrak{N}$ of the prime
ideals of $B$ is zero (this, in fact, is true for every reduced Noetherian ring). Let $b \in B$, $b \neq 0$.
Let $\Sigma$ be the set of ideals of $B$ containing no power of $b$. Because $b$ is not nilpotent, $\Sigma$
contains the zero ideal, and hence is nonempty. Because $B$ is Noetherian, $\Sigma$ has a maximal
element $\mathfrak{p}$. We shall show that $\mathfrak{p}$ is prime. Since $b \notin \mathfrak{p}$, this will show that $b \notin \mathfrak{N}$.

Let $x, y$ be elements of $B$ not in $\mathfrak{p}$. Then $\mathfrak{p} + (x)$ and $\mathfrak{p} + (y)$ strictly contain $\mathfrak{p}$, and so

$$b^m \in \mathfrak{p} + (x), \quad b^n \in \mathfrak{p} + (y)$$

for some $m, n$, say,

$$b^m = p + cx, \quad b^n = p' + c'y, \quad p, p' \in \mathfrak{p}, \quad c, c' \in B.$$

Then $b^{m+n} = pp' + pc'y + p'cx + cc'xy \in \mathfrak{p} + (xy)$, and so $\mathfrak{p} + (xy)$ is not in $\Sigma$; in
particular, $\mathfrak{p} + (xy) \neq \mathfrak{p}$, and $xy \notin \mathfrak{p}$. Therefore $\mathfrak{p}$ is a prime ideal, which completes the proof
that $\mathfrak{N} = 0$.

Let $\mathfrak{p}$ be a prime ideal of $B$. Then $B/\mathfrak{p}$ is an integral domain, algebraic over $k$, and hence
is a field (by 3.30). Therefore $\mathfrak{p}$ is maximal. Let $\mathfrak{p}_1, \mathfrak{p}_2, \ldots, \mathfrak{p}_r$ be prime ideals of $B$. Since
they are all maximal, they are relatively prime in pairs. Therefore the Chinese remainder
theorem shows that

$$B/\bigcap \mathfrak{p}_i = \prod B/\mathfrak{p}_i \qquad (*).$$

Note that

$$[B:k] \geq [B/\bigcap \mathfrak{p}_i : k] = \sum [B/\mathfrak{p}_i : k] \geq r.$$

Therefore $B$ has only finitely many prime ideals, say $\mathfrak{p}_1, \ldots, \mathfrak{p}_g$ where $g \leq [B:k]$, and
$\bigcap \mathfrak{p}_i = 0$. When we take $r = g$ in (*) we find that

$$B = \prod_{i=1}^{g} B/\mathfrak{p}_i.$$

For each $i$, $B/\mathfrak{p}_i$ is a field, and it is a finite extension of $k$. Because $k$ is perfect, it is even a
separable extension of $k$. Now we can apply (2.26) to deduce that $\mathrm{disc}((B/\mathfrak{p}_i)/k) \neq 0$, and
we can apply the preceding lemma to deduce that $\mathrm{disc}(B/k) \neq 0$. □

We now prove the theorem. From the first lemma, we see that

$$\mathrm{disc}(B/A) \bmod \mathfrak{p} = \mathrm{disc}((B/\mathfrak{p}B)/(A/\mathfrak{p})),$$

and from the last lemma that $\mathrm{disc}((B/\mathfrak{p}B)/(A/\mathfrak{p})) = 0$ if and only if $B/\mathfrak{p}B$ is not reduced.
Let $\mathfrak{p}B = \prod \mathfrak{P}_i^{e_i}$. Then $B/\mathfrak{p}B \simeq \prod B/\mathfrak{P}_i^{e_i}$, and

$$\prod B/\mathfrak{P}_i^{e_i} \text{ is reduced} \iff \text{each } B/\mathfrak{P}_i^{e_i} \text{ is reduced} \iff \text{each } e_i = 1. \qquad □$$

Remark 3.39 (a) In fact there is a precise, but complicated, relation between the power
of $\mathfrak{p}$ dividing $\mathrm{disc}(B/A)$ and the extent to which $\mathfrak{p}$ ramifies in $B$. It implies for example
that $\mathrm{ord}_{\mathfrak{p}}(\mathrm{disc}(B/A)) \geq \sum f_i (e_i - 1)$, and that equality holds if no $e_i$ is divisible by the
characteristic of $A/\mathfrak{p}$. See Serre 1962, III 6.

(b) Let $A$ be the ring of integers in a number field $K$, and let $B$ be the integral closure
of $A$ in a finite extension $L$ of $K$. It is possible to define $\mathrm{disc}(B/A)$ as an ideal without
assuming $B$ to be a free $A$-module. Let $\mathfrak{p}$ be a prime ideal in $A$, and let $S = A \setminus \mathfrak{p}$. Then
$S^{-1}A = A_{\mathfrak{p}}$ is principal, and so we can define $\mathrm{disc}(S^{-1}B/S^{-1}A)$. It is a power $(\mathfrak{p}A_{\mathfrak{p}})^{m(\mathfrak{p})}$
of $\mathfrak{p}A_{\mathfrak{p}}$. Define

$$\mathrm{disc}(B/A) = \prod \mathfrak{p}^{m(\mathfrak{p})}.$$

The index $m(\mathfrak{p})$ is nonzero for only finitely many $\mathfrak{p}$, and so this formula does define an ideal
in $A$. Clearly this definition agrees with the usual one when $B$ is a free $A$-module, and the
above proof shows that a prime ideal $\mathfrak{p}$ ramifies in $B$ if and only if it divides $\mathrm{disc}(B/A)$.

Example 3.40 (For experts on Riemann surfaces.) Let $X$ and $Y$ be compact connected
Riemann surfaces, and let $\alpha : Y \to X$ be a nonconstant holomorphic mapping. Write $\mathcal{M}(X)$
and $\mathcal{M}(Y)$ for the fields of meromorphic functions on $X$ and $Y$. The map $f \mapsto f \circ \alpha$ is an
inclusion $\mathcal{M}(X) \hookrightarrow \mathcal{M}(Y)$ which makes $\mathcal{M}(Y)$ into a field of finite degree over $\mathcal{M}(X)$; let
$m$ be this degree. Geometrically, the map is $m : 1$ except at a finite number of branch points.

Let $P \in X$ and let $\mathcal{O}_P$ be the set of meromorphic functions on $X$ that are holomorphic
at $P$; it is the discrete valuation ring attached to the discrete valuation $\mathrm{ord}_P$, and its
maximal ideal $\mathfrak{p}$ is the set of meromorphic functions on $X$ that are zero at $P$. Let $B$ be the
integral closure of $\mathcal{O}_P$ in $\mathcal{M}(Y)$. Let $\alpha^{-1}(P) = \{Q_1, \ldots, Q_g\}$ and let $e_i$ be the number
of sheets of $Y$ over $X$ that coincide at $Q_i$. Then $\mathfrak{p}B = \prod \mathfrak{q}_i^{e_i}$ where $\mathfrak{q}_i$ is the prime ideal

$$\{f \in B \mid f(Q_i) = 0\}.$$

Finding factorizations 

The following result often makes it very easy to factor an ideal in an extension field. Again 
A is a Dedekind domain with field of fractions K, and B is the integral closure of A in a 
finite separable extension L of K. 

Theorem 3.41 Suppose that $B = A[\alpha]$, and let $f(X)$ be the minimum polynomial of $\alpha$
over $K$. Let $\mathfrak{p}$ be a prime ideal in $A$. Choose monic polynomials $g_1(X), \ldots, g_r(X)$ in $A[X]$
that are distinct and irreducible modulo $\mathfrak{p}$, and such that $f(X) \equiv \prod g_i(X)^{e_i}$ modulo $\mathfrak{p}$. Then

$$\mathfrak{p}B = \prod (\mathfrak{p}, g_i(\alpha))^{e_i}$$

is the factorization of $\mathfrak{p}B$ into a product of powers of distinct prime ideals. Moreover, the
residue field $B/(\mathfrak{p}, g_i(\alpha)) \simeq (A/\mathfrak{p})[X]/(\bar{g}_i)$, and so the residue class degree $f_i$ is equal to
the degree of $g_i$.

PROOF. Our assumption is that the map $X \mapsto \alpha$ defines an isomorphism

$$A[X]/(f(X)) \to B.$$

When we divide out by $\mathfrak{p}$ (better, tensor with $A/\mathfrak{p}$), this becomes an isomorphism

$$k[X]/(\bar{f}(X)) \to B/\mathfrak{p}B, \quad X \mapsto \alpha,$$

where $k = A/\mathfrak{p}$. The ring $k[X]/(\bar{f})$ has maximal ideals $(\bar{g}_1), \ldots, (\bar{g}_r)$, and $\prod (\bar{g}_i)^{e_i} = 0$
(but no product with smaller exponents is zero). The ideal $(\bar{g}_i)$ in $k[X]/(\bar{f})$ corresponds
to the ideal $(g_i(\alpha)) + \mathfrak{p}B$ in $B/\mathfrak{p}B$, and this corresponds to the ideal $\mathfrak{P}_i \overset{\mathrm{def}}{=} (\mathfrak{p}, g_i(\alpha))$ in
$B$. Thus $\mathfrak{P}_1, \ldots, \mathfrak{P}_r$ is the complete set of prime ideals containing $\mathfrak{p}B$, and hence is the
complete set of prime divisors of $\mathfrak{p}$ (see 3.12). When we write $\mathfrak{p}B = \prod \mathfrak{P}_i^{e_i}$, then the $e_i$
are characterized by the fact that $\mathfrak{p}B$ contains $\prod \mathfrak{P}_i^{e_i}$ but it does not contain the product
when any $e_i$ is replaced with a smaller value. Thus it follows from the above (parenthetical)
statement that $e_i$ is the exponent of $\bar{g}_i$ occurring in the factorization of $\bar{f}$. □
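
The recipe in Theorem 3.41 can be tried out by machine when $A = \mathbb{Z}$. The following Python sketch is only an illustration under that assumption: the helper names `poly_divmod` and `factor_mod_p` are hypothetical, polynomials are coefficient lists with the highest degree first, and plain trial division by monic polynomials is used for simplicity (it is practical only for small $p$ and small degree, and is not meant as the algorithm a computer algebra system would use). Each returned pair $(g_i, e_i)$ corresponds to a prime ideal $(p, g_i(\alpha))$ with ramification index $e_i$ and residue class degree $\deg g_i$.

```python
from itertools import product


def poly_divmod(f, g, p):
    """Divide f by the MONIC polynomial g over F_p; return (quotient, remainder)."""
    f = [c % p for c in f]
    q = []
    while len(f) >= len(g):
        c = f[0]                      # leading coefficient to eliminate
        q.append(c)
        for i, gc in enumerate(g):
            f[i] = (f[i] - c * gc) % p
        f = f[1:]                     # the leading term is now zero
    while len(f) > 1 and f[0] == 0:   # normalize the remainder
        f = f[1:]
    return q, (f if f else [0])


def factor_mod_p(f, p):
    """Factor a monic f over F_p by trial division; return [(g, e), ...]."""
    f = [c % p for c in f]
    factors = []
    d = 1
    # A reducible polynomial has a factor of degree <= deg(f)/2.
    while 2 * d <= len(f) - 1:
        for tail in product(range(p), repeat=d):
            g = [1, *tail]            # monic candidate of degree d
            e = 0
            while len(f) - 1 >= d:
                q, r = poly_divmod(f, g, p)
                if r != [0]:
                    break
                f, e = q, e + 1
            if e:
                factors.append((g, e))
        d += 1
    if len(f) > 1:                    # whatever is left is irreducible
        factors.append((f, 1))
    return factors


# X^3 + 10X + 1 modulo a few primes
cubic = [1, 0, 10, 1]
for p in (2, 17, 4027):
    print(p, factor_mod_p(cubic, p))
```

For $p = 4027$ the output contains the factor $X + 2215$ with exponent 2, so, under the hypotheses of the theorem, the prime $(4027, 2215 + \alpha)$ occurs with ramification index 2.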

Remark 3.42 When it applies, the last theorem can be used to prove (3.34) and (3.35). For
example, $m = \deg(f)$, and so the equation $m = \sum e_i f_i$ is simply the equation $\deg(f) =
\sum e_i \cdot \deg(g_i)$. Also, $\mathrm{disc}(B/A) = \mathrm{disc}(f(X))$, and this is divisible by $\mathfrak{p}$ if and only if $\bar{f}(X)$
has multiple factors (when regarded as an element of $(A/\mathfrak{p})[X]$), i.e., if and only if some
$e_i > 1$.

Remark 3.43 The conclusion of the theorem holds for a particular prime $\mathfrak{p}$ of $A$ under the
following weaker hypothesis: $D(1, \alpha, \ldots, \alpha^{m-1}) = \mathfrak{a} \cdot \mathrm{disc}(B/A)$ with $\mathfrak{a}$ an ideal of $A$ not
divisible by $\mathfrak{p}$. To prove this, invert any element of $\mathfrak{a}$ not in $\mathfrak{p}$, and apply the theorem to the
new ring and its integral closure.


Examples of factorizations 

We use Theorem 3.41 to obtain some factorizations. 

Example 3.44 Let $m \neq 1$ be a square-free integer. We consider the factorization of prime
integers in $K = \mathbb{Q}[\sqrt{m}]$. Recall that $D(1, \sqrt{m}) = 4m$, and that $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) = D(1, \sqrt{m})$
if $m \equiv 2, 3 \bmod 4$, and that $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) = D(1, \sqrt{m})/4$ if $m \equiv 1 \bmod 4$. In both cases, we
can use the set $\{1, \sqrt{m}\}$ to compute the factorization of an odd prime $p$ (see 3.43). Note that
(3.34) allows only three possible factorizations of $(p)$ in $\mathcal{O}_K$, namely,

$(p) = \mathfrak{p}^2$: $(p)$ ramifies, $e = 2$, $f = 1$, $g = 1$;

$(p) = \mathfrak{p}$: $(p)$ stays prime, $e = 1$, $f = 2$, $g = 1$;

$(p) = \mathfrak{p}_1\mathfrak{p}_2$: $(p)$ splits, $e = 1$, $f = 1$, $g = 2$.

One obtains the following result.

(i) If $p \mid \mathrm{disc}(\mathcal{O}_K/\mathbb{Z})$, then $(p)$ ramifies in $\mathcal{O}_K$.

(ii) For an odd prime $p$ not dividing $m$, we have

$(p)$ is the product of two distinct ideals $\iff$ $m$ is a square mod $p$, i.e., $\left(\frac{m}{p}\right) = 1$;

$(p)$ is a prime ideal in $\mathbb{Q}[\sqrt{m}]$ $\iff$ $m$ is not a square mod $p$, i.e., $\left(\frac{m}{p}\right) = -1$.

(iii) For the prime 2 when $m \equiv 1 \bmod 4$, we have

$(2)$ is the product of two distinct ideals $\iff$ $m \equiv 1 \bmod 8$;

$(2)$ is a prime ideal in $\mathbb{Q}[\sqrt{m}]$ $\iff$ $m \equiv 5 \bmod 8$.

To prove (iii), we must use the integral basis $\{1, \alpha\}$, $\alpha = (1 + \sqrt{m})/2$. The minimum
polynomial of $\alpha$ is $X^2 - X + (1 - m)/4$. If $m \equiv 1 \bmod 8$, this factors as $X^2 + X = X(X + 1)$
mod 2, and so $(2) = (2, \alpha)(2, 1 + \alpha)$. If $m \equiv 5 \bmod 8$, then $X^2 - X + (1 - m)/4 \equiv X^2 +
X + 1 \bmod 2$, which is irreducible, and so $(2) = (2, 1 + \alpha + \alpha^2) = (2)$.
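
The case analysis in Example 3.44 is easy to mechanize. The sketch below is an illustration, not part of the original notes: the function name `splitting_type` is hypothetical, and the Legendre symbol is evaluated with Euler's criterion ($m^{(p-1)/2} \equiv \pm 1 \bmod p$ for $p \nmid m$), a standard fact that the example itself does not use. The inputs are assumed to be a square-free integer $m \neq 1$ and a prime $p$; neither assumption is checked.

```python
def splitting_type(m, p):
    """How the prime p factors in Q[sqrt(m)] for square-free m != 1.

    Follows cases (i)-(iii) of Example 3.44; m and p are not validated.
    """
    if p == 2:
        if m % 4 != 1:
            return "ramifies"            # disc = 4m is even
        # m = 1 mod 4: decided by m mod 8, case (iii)
        return "splits" if m % 8 == 1 else "stays prime"
    if m % p == 0:
        return "ramifies"                # p divides the discriminant, case (i)
    # Euler's criterion: 1 if m is a square mod p, p - 1 otherwise
    legendre = pow(m, (p - 1) // 2, p)
    return "splits" if legendre == 1 else "stays prime"


for p in (2, 3, 5, 7, 11):
    print(p, splitting_type(-5, p))
```

Python's `%` always returns a nonnegative remainder, so negative values of $m$ such as $-5$ need no special handling.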

Example 3.45 It is proved in basic graduate algebra courses that $\mathbb{Z}[i]$, the Gaussian
integers, is a principal ideal domain. I claim that the following conditions on an odd prime $p$
are equivalent:

(a) $p \equiv 1 \bmod 4$;

(b) $(p)$ splits in $\mathbb{Z}[i]$;

(c) there exist integers $a$ and $b$ such that $p = a^2 + b^2$.

We know that $(p)$ splits in $\mathbb{Z}[i]$ if and only if $X^2 + 1$ splits modulo $p$, but this is so if
and only if $\mathbb{F}_p$ contains a primitive 4th root of 1, i.e., if and only if the group $\mathbb{F}_p^\times$ contains an element
of order 4. As $\mathbb{F}_p^\times$ is a cyclic group (FT Exercise 1-3) of order $p - 1$, this is so if and only if
$4 \mid p - 1$. Thus we have shown that (a) and (b) are equivalent.

Suppose $(p)$ splits in $\mathbb{Z}[i]$, say $(p) = \mathfrak{p}_1\mathfrak{p}_2$. Then $\mathfrak{p}_1$ and $\mathfrak{p}_2$ are principal, and if
$\mathfrak{p}_1 = (a + ib)$ then $\mathfrak{p}_2 = (a - ib)$. Therefore $a^2 + b^2 = p$ up to multiplication by a unit in
$\mathbb{Z}[i]$. But the only units in $\mathbb{Z}[i]$ are $\pm 1, \pm i$, and so obviously $a^2 + b^2 = p$. Conversely, if
$p = a^2 + b^2$ with $a, b \in \mathbb{Z}$, then $(p) = (a + ib)(a - ib)$ in $\mathbb{Z}[i]$.
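
The equivalence of (a) and (c) can be checked numerically for small primes. The following is a brute-force sketch (the function name `two_squares` is hypothetical, and exhaustive search is chosen for transparency, not efficiency): it looks for a representation $p = a^2 + b^2$ with $0 < a \leq b$.

```python
from math import isqrt


def two_squares(p):
    """Return (a, b) with 0 < a <= b and a*a + b*b == p, or None."""
    # a <= b forces a*a <= p/2, so only these values of a need testing
    for a in range(1, isqrt(p // 2) + 1):
        b = isqrt(p - a * a)
        if a * a + b * b == p:
            return a, b
    return None


for p in (5, 13, 17, 29, 7, 11, 19):
    print(p, p % 4, two_squares(p))
```

A representation is printed exactly for the primes congruent to 1 mod 4, in agreement with the example.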

Aside 3.46 The fact that every prime of the form $4n + 1$ is a sum of two squares was stated as a
theorem by Fermat in a letter in 1654. Euler, who was almost certainly unaware of Fermat’s letter,
found a proof. For some history, and a discussion of algorithms for finding $a$ and $b$, see Edwards
1977, p. 55.

Remark 3.47 (a) From (3.41) and (3.43) we see that, for almost all $p$, factoring $(p)$ in $\mathcal{O}_K$
amounts to factoring a polynomial $f(X)$ modulo $p$ into a product of powers of irreducible
polynomials. Clearly, this can always be done, but it may require a lot of hard work and not
much intelligence. Hence it can safely be left to the computer. In PARI, factormod(f,p)
factors the polynomial $f$ modulo $p$. For example,
factormod(X^3+10*X+1,2) returns $(X + 1)(X^2 + X + 1)$,
factormod(X^3+10*X+1,17) returns $X^3 + 10X + 1$,
factormod(X^3+10*X+1,4027) returns $(X + 2215)^2 (X + 3624)$, etc., as in the following
table.

(b) In the next section, we shall show, not only that the class group of a number field 
is finite, but that it is generated by the prime ideals dividing a certain small set of prime 
numbers. Finding the class number therefore involves finding the prime ideal factors of these 
prime numbers, and the relations among them. 

Example 3.48 Let $\alpha$ be a root of $X^3 + 10X + 1$. Recall that the discriminant of the
polynomial is $-4027$, and so the ring of integers in $\mathbb{Q}[\alpha]$ is $\mathbb{Z} + \mathbb{Z}\alpha + \mathbb{Z}\alpha^2$. There are the
following factorizations:

   p       f(X) mod p                    factorization of (p)
   2       $(1 + X)(1 + X + X^2)$          $(2) = (2, 1 + \alpha)(2, 1 + \alpha + \alpha^2)$
   3       $(2 + X)(2 + X + X^2)$          $(3) = (3, 2 + \alpha)(3, 2 + \alpha + \alpha^2)$
   5       $(1 + X)(1 + 4X + X^2)$         $(5) = (5, 1 + \alpha)(5, 1 + 4\alpha + \alpha^2)$
   7       $(3 + X)(5 + 4X + X^2)$         $(7) = (7, 3 + \alpha)(7, 5 + 4\alpha + \alpha^2)$
   11      $(6 + X)(2 + 5X + X^2)$         $(11) = (11, 6 + \alpha)(11, 2 + 5\alpha + \alpha^2)$
   13      $1 + 10X + X^3$                 $(13) = (13, 1 + 10\alpha + \alpha^3) = (13)$
   17      $1 + 10X + X^3$                 $(17)$ = prime ideal
   4027    $(2215 + X)^2 (3624 + X)$       $(4027) = (4027, 2215 + \alpha)^2 (4027, 3624 + \alpha)$


Example 3.49 Let $\alpha$ be a root of $X^3 - 8X + 15$. Here again, the discriminant of the
polynomial is $-4027$, and so the ring of integers in $\mathbb{Q}[\alpha]$ is $\mathbb{Z} + \mathbb{Z}\alpha + \mathbb{Z}\alpha^2$. There are the
following factorizations:

   p       f(X) mod p                    factorization of (p)
   2       $(1 + X)(1 + X + X^2)$          $(2) = (2, 1 + \alpha)(2, 1 + \alpha + \alpha^2)$
   3       $X(1 + X^2)$                    $(3) = (3, \alpha)(3, 1 + \alpha^2)$
   5       $X(2 + X^2)$                    $(5) = (5, \alpha)(5, 2 + \alpha^2)$
   7       $(5 + X)(3 + 2X + X^2)$         $(7) = (7, 5 + \alpha)(7, 3 + 2\alpha + \alpha^2)$
   11      $(1 + X)(4 + 10X + X^2)$        $(11) = (11, 1 + \alpha)(11, 4 + 10\alpha + \alpha^2)$
   13      $2 + 5X + X^3$                  $(13) = (13)$
   17      $(4 + X)(6 + X)(7 + X)$         $(17) = (17, 4 + \alpha)(17, 6 + \alpha)(17, 7 + \alpha)$
   4027    $(509 + X)(1759 + X)^2$         $(4027) = (4027, 509 + \alpha)(4027, 1759 + \alpha)^2$


On comparing the factorizations of (17) in the fields in the last two examples, we see that 
the fields are not isomorphic. 

Remark 3.50 When $K$ is a number field, it is interesting to have a description of the set
$\mathrm{Spl}(K)$ of prime numbers that split in $K$. For $K = \mathbb{Q}[\sqrt{m}]$ with $m$ square free, this is the
set of odd $p$ not dividing $m$ for which $\left(\frac{m}{p}\right) = 1$ together possibly with 2 (see 3.44). We
shall see later that the quadratic reciprocity law gives a good description of the set. For
every abelian Galois extension $K$ of $\mathbb{Q}$, class field theory gives a similarly good description,
but for an arbitrary extension very little is known about what sets can occur. There is a
theorem that says that two Galois extensions $K$ and $K'$ of $\mathbb{Q}$ are isomorphic if and only if
$\mathrm{Spl}(K) = \mathrm{Spl}(K')$. Moreover, this can be made into an effective procedure for determining
when fields are isomorphic. See Theorem 8.38 below.

Example 3.51 In (2.39), we saw that $f(X) = X^5 - X - 1$ is irreducible in $\mathbb{Q}[X]$, and that
its discriminant is $19 \cdot 151$, which is square-free, and so, if $\alpha$ is a root of $f(X)$, then $\mathbb{Z}[\alpha]$ is
the ring of integers in $\mathbb{Q}[\alpha]$. We have the following factorizations:

   19:    $f \equiv (6 + X)^2 (10 + 13X + 7X^2 + X^3)$
          $(19) = (19, 6 + \alpha)^2 (19, 10 + 13\alpha + 7\alpha^2 + \alpha^3)$

   151:   $f \equiv (9 + X)(39 + X)^2 (61 + 64X + X^2)$
          $(151) = (151, 9 + \alpha)(151, 39 + \alpha)^2 (151, 61 + 64\alpha + \alpha^2)$

   4027:  $f \equiv (1261 + X)(2592 + X)(790 + 3499X + 174X^2 + X^3)$
          $(4027) = (4027, 1261 + \alpha)(4027, 2592 + \alpha)(4027, 790 + 3499\alpha + 174\alpha^2 + \alpha^3)$.

Thus (19) and (151) are ramified in $\mathbb{Q}[\alpha]$, and 4027 is not, which is what Theorem 3.35
predicts.
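
The prediction of Theorem 3.35 can be checked without factoring anything: a monic $f$ has a repeated factor modulo $p$ exactly when $\gcd(f, f')$ is nonconstant in $\mathbb{F}_p[X]$, and for monic $f$ this happens exactly when $p$ divides $\mathrm{disc}(f)$. The Python sketch below illustrates this for $f = X^5 - X - 1$; the helper names (`trim`, `poly_mod`, `poly_gcd`, `has_repeated_factor`) are hypothetical, coefficients are listed with the highest degree first, and `pow(x, -1, p)` (modular inverse) assumes Python 3.8 or later.

```python
def trim(f):
    """Strip leading zero coefficients, keeping at least one entry."""
    while len(f) > 1 and f[0] == 0:
        f = f[1:]
    return f


def poly_mod(f, g, p):
    """Remainder of f divided by g over F_p (g has nonzero leading coefficient)."""
    f = [c % p for c in f]
    inv = pow(g[0], -1, p)            # inverse of the leading coefficient of g
    while len(f) >= len(g):
        c = f[0] * inv % p
        for i, gc in enumerate(g):
            f[i] = (f[i] - c * gc) % p
        f = f[1:]                     # leading term has been cancelled
    return trim(f) if f else [0]


def poly_gcd(f, g, p):
    """Euclidean algorithm in F_p[X]; the result is defined up to a unit."""
    f = trim([c % p for c in f])
    g = trim([c % p for c in g])
    while g != [0]:
        f, g = g, poly_mod(f, g, p)
    return f


def derivative(f):
    n = len(f) - 1
    return [c * (n - i) for i, c in enumerate(f[:-1])]


def has_repeated_factor(f, p):
    """True if f (monic, integer coefficients) has a multiple factor mod p."""
    return len(poly_gcd(f, derivative(f), p)) > 1


quintic = [1, 0, 0, 0, -1, -1]        # X^5 - X - 1
print([p for p in (2, 3, 5, 7, 19, 151, 4027) if has_repeated_factor(quintic, p)])
```

Among the primes tested, only 19 and 151 are reported, matching the discriminant $19 \cdot 151$.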

Example 3.52 According to PARI, 

$$X^4 + X^3 + X^2 + X + 1 \equiv (X + 4)^4 \bmod 5.$$


Why is this obvious? 
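
For readers who want to confirm the congruence before thinking about why it holds, here is a small Python check (an illustration only; `poly_mul_mod` is a hypothetical helper, with coefficients listed lowest degree first). As a hint that is not spelled out in the text: $X + 4 \equiv X - 1 \bmod 5$, and $X^5 - 1 \equiv (X - 1)^5 \bmod 5$.

```python
def poly_mul_mod(f, g, p):
    """Multiply two coefficient lists (lowest degree first) and reduce mod p."""
    out = [0] * (len(f) + len(g) - 1)
    for i, a in enumerate(f):
        for j, b in enumerate(g):
            out[i + j] = (out[i + j] + a * b) % p
    return out


power = [1]
for _ in range(4):
    power = poly_mul_mod(power, [4, 1], 5)   # multiply by X + 4

print(power)   # coefficients of (X + 4)^4 mod 5, constant term first
```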


Eisenstein extensions 

Recall that Eisenstein’s Criterion says that a polynomial

$$X^m + a_1 X^{m-1} + \cdots + a_m,$$

such that $a_i \in \mathbb{Z}$, $p \mid a_i$ for all $i$, and $p^2$ does not divide $a_m$, is irreducible in $\mathbb{Q}[X]$. We will
improve this result, but first we need to make two observations about discrete valuations.

Let $A$ be a Dedekind domain, and let $B$ be its integral closure in a finite extension $L$ of
its field of fractions $K$. Let $\mathfrak{p}$ be a prime ideal of $A$ and let $\mathfrak{P}$ be a prime ideal of $B$ dividing $\mathfrak{p}$,
say $\mathfrak{p}B = \mathfrak{P}^e \cdots$. Write $\mathrm{ord}_{\mathfrak{p}}$ and $\mathrm{ord}_{\mathfrak{P}}$ for the normalized valuations on $K$ and $L$ defined by
$\mathfrak{p}$ and $\mathfrak{P}$. Then

$$\mathrm{ord}_{\mathfrak{P}}|_K = e \cdot \mathrm{ord}_{\mathfrak{p}} \qquad (11)$$

because, if $(a) = \mathfrak{p}^m \cdots$ in $A$, then $(a) = \mathfrak{P}^{me} \cdots$ in $B$.

Next I claim that if

$$a_1 + \cdots + a_n = 0,$$

then the minimum value of $\mathrm{ord}(a_i)$ must be attained for at least two $i$'s. Suppose not, say
$\mathrm{ord}(a_1) < \mathrm{ord}(a_i)$ for all $i > 1$. Then $-a_1 = \sum_{i \geq 2} a_i$ implies that

$$\mathrm{ord}(a_1) = \mathrm{ord}\Bigl(\sum_{i \geq 2} a_i\Bigr) \overset{(8)}{\geq} \min_{2 \leq i \leq n} \mathrm{ord}(a_i),$$

which is a contradiction.

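Let $A$ be a Dedekind domain and let $\mathfrak{p}$ be a prime ideal in $A$. A polynomial

$$X^m + a_1 X^{m-1} + \cdots + a_m, \quad a_i \in A,$$

is said to be Eisenstein relative to $\mathfrak{p}$ if

$$\mathrm{ord}_{\mathfrak{p}}(a_1) > 0, \ \ldots, \ \mathrm{ord}_{\mathfrak{p}}(a_{m-1}) > 0, \quad \mathrm{ord}_{\mathfrak{p}}(a_m) = 1.$$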

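Proposition 3.53 Let $f(X) \in A[X]$ be an Eisenstein polynomial with respect to $\mathfrak{p}$. Then
$f(X)$ is irreducible, and if $\alpha$ is a root of $f(X)$, then $\mathfrak{p}$ is totally ramified in $K[\alpha]$; in fact
$\mathfrak{p}B = \mathfrak{P}^m$ with $\mathfrak{P} = (\mathfrak{p}, \alpha)$ and $m = \deg(f)$.

PROOF. Let $L$ be the field generated by a root $\alpha$ of $f(X)$; then $[L:K] \leq m \overset{\mathrm{def}}{=} \deg(f)$. Let
$\mathfrak{P}$ be a prime ideal dividing $\mathfrak{p}$, with ramification index $e$ say. Consider the equation

$$\alpha^m + a_1 \alpha^{m-1} + \cdots + a_m = 0.$$

Because $f(X)$ is Eisenstein,

$$\mathrm{ord}_{\mathfrak{P}}(\alpha^m) = m \cdot \mathrm{ord}_{\mathfrak{P}}(\alpha);$$
$$\mathrm{ord}_{\mathfrak{P}}(a_i \alpha^{m-i}) \geq (m - i) \cdot \mathrm{ord}_{\mathfrak{P}}(\alpha) + e;$$
$$\mathrm{ord}_{\mathfrak{P}}(a_m) = e.$$

If $\mathrm{ord}_{\mathfrak{P}}(\alpha) = 0$, then the minimum value of $\mathrm{ord}_{\mathfrak{P}}$ is taken for a single term, namely $\alpha^m$. This
is impossible, and so $\mathrm{ord}_{\mathfrak{P}}(\alpha) \geq 1$, and $\mathrm{ord}_{\mathfrak{P}}(a_i \alpha^{m-i}) > \mathrm{ord}_{\mathfrak{P}}(a_m) = e$ for $i = 1, \ldots, m - 1$.
From the remark preceding the proposition, we see that $m \cdot \mathrm{ord}_{\mathfrak{P}}(\alpha) = e$. Then

$$m \cdot \mathrm{ord}_{\mathfrak{P}}(\alpha) = e \leq [K[\alpha] : K] \leq m,$$

and we must have equalities throughout: $\mathrm{ord}_{\mathfrak{P}}(\alpha) = 1$, $[K(\alpha) : K] = m = e$. □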
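
In the classical case $A = \mathbb{Z}$, $\mathfrak{p} = (p)$, the Eisenstein condition is a statement about $p$-adic valuations of the coefficients and is easy to test. The following Python sketch assumes integer coefficients listed as $[1, a_1, \ldots, a_m]$; the names `ord_p` and `is_eisenstein` are hypothetical.

```python
def ord_p(a, p):
    """p-adic valuation of the integer a (infinity for a == 0)."""
    if a == 0:
        return float("inf")
    k = 0
    while a % p == 0:
        a //= p
        k += 1
    return k


def is_eisenstein(coeffs, p):
    """Test whether X^m + a_1 X^(m-1) + ... + a_m is Eisenstein relative to p.

    coeffs = [1, a_1, ..., a_m] with integer entries.
    """
    if len(coeffs) < 2 or coeffs[0] != 1:
        return False
    middle_ok = all(ord_p(a, p) > 0 for a in coeffs[1:-1])
    return middle_ok and ord_p(coeffs[-1], p) == 1


print(is_eisenstein([1, 0, -2], 2))          # X^2 - 2 at p = 2
print(is_eisenstein([1, 5, 10, 10, 5], 5))   # X^4 + 5X^3 + 10X^2 + 10X + 5 at p = 5
print(is_eisenstein([1, 0, 4], 2))           # X^2 + 4: ord_2(4) = 2, so not Eisenstein
```

The second polynomial is $X^4 + X^3 + X^2 + X + 1$ with $X$ replaced by $X + 1$; by the proposition, 5 is then totally ramified in the field generated by a root.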


Notes Gauss proved the quadratic reciprocity law, and studied the arithmetic of $\mathbb{Q}[i]$ in order
to discover the quartic reciprocity law. Kummer made an intense study of the arithmetic of the
fields $\mathbb{Q}[\zeta_n]$, where $\zeta_n$ is a primitive $n$th root of 1, in order to prove higher reciprocity laws. A
major problem for him was that unique factorization fails already for $n = 23$. To restore unique
factorization, he developed his theory of “ideal numbers”. One of Dedekind’s great achievements
was to realize that, by replacing Kummer’s “ideal numbers” with his new notion of “ideals”, it was
possible to simplify Kummer’s theory and extend it to the rings of integers in all number fields. A
difficult step for him was showing that if $\mathfrak{a} \mid \mathfrak{b}$, then there exists an ideal $\mathfrak{c}$ such that $\mathfrak{a} = \mathfrak{b}\mathfrak{c}$. Emmy
Noether re-examined Kummer’s work more abstractly, and named the integral domains for which his
methods applied “Dedekind domains”.

Exercises

3-1 Let $k$ be a field. Is $k[X, Y]$ a Dedekind domain? (Explain).

3-2 Show that $\mathbb{Z}[\sqrt{3}]$ is the ring of integers in $\mathbb{Q}[\sqrt{3}]$ and $\mathbb{Z}[\sqrt{7}]$ is the ring of integers
in $\mathbb{Q}[\sqrt{7}]$, but that $\mathbb{Z}[\sqrt{3}, \sqrt{7}]$ is not the ring of integers in $\mathbb{Q}[\sqrt{3}, \sqrt{7}]$. (Hint: look at
$(\sqrt{3} + \sqrt{7})/2$.)

3-3 Complete the proofs of the following statements (cf. 3.45):

(a) $x^2 + y^2 = p$ has a solution in $\mathbb{Z}$ $\iff$ $p \equiv 1 \bmod 4$;

(b) $x^2 + 2y^2 = p$ has a solution in $\mathbb{Z}$ $\iff$ $p \equiv 1$ or $3 \bmod 8$;

(c) $x^2 + 3y^2 = p$ has a solution in $\mathbb{Z}$ $\iff$ $p \equiv 1 \bmod 3$.³

You may assume that $\mathbb{Q}[\sqrt{-p}]$ has class number 1 for $p < 5$.

3-4 Let $k$ be a field, and let $A$ be the subring $k[X^2, X^3]$ of $k[X]$.

(a) Show that $k[X]$ is a finitely generated $k[X^2]$-module, and hence is a Noetherian
$k[X^2]$-module. Deduce that $A$ is Noetherian.

(b) Show that every nonzero prime ideal of $A$ is maximal, but that $A$ is not a Dedekind
domain.

Hence $A$ satisfies conditions (a) and (c) to be a Dedekind domain, but not (b). There are
also rings that satisfy (b) and (c) but fail (a), and rings that satisfy (a) and (b) but not (c) (for
example, $k[X, Y]$).


³ Kwangho Choiy notes that $x^2 + 3y^2 = p$ can be replaced by $x^2 + xy + y^2 = p$, because the norm is of
the form $x^2 + xy + y^2$. However, both are true, because $\left(\frac{-3}{p}\right) = \left(\frac{p}{3}\right)$. Moreover, we can remark that the prime
ideal lying over $p$ with $\left(\frac{p}{3}\right) = 1$ can be generated by an element in $\mathbb{Z}[\sqrt{-3}]$.




Chapter 4

The Finiteness of the Class Number


In this section we prove the first main theorem of the course: the class number of a number 
field is finite. The method of proof is effective: it gives an algorithm for computing the class 
group. 


Norms of ideals 


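Let $A$ be a Dedekind domain with field of fractions $K$, and let $B$ be the integral closure of $A$
in a finite separable extension $L$. We want to define a homomorphism $\mathrm{Nm} : \mathrm{Id}(B) \to \mathrm{Id}(A)$
which is compatible with taking norms of elements, i.e., such that the following diagram
commutes:

$$\begin{array}{ccc}
L^\times & \longrightarrow & \mathrm{Id}(B) \\
\downarrow \mathrm{Nm} & & \downarrow \mathrm{Nm} \\
K^\times & \longrightarrow & \mathrm{Id}(A)
\end{array} \qquad (12)$$

Because $\mathrm{Id}(B)$ is the free abelian group on the set of prime ideals, we only have to define
$\mathrm{Nm}(\mathfrak{P})$ for $\mathfrak{P}$ prime.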

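Let $\mathfrak{p}$ be a prime ideal of $A$, and factor $\mathfrak{p}B = \prod \mathfrak{P}_i^{e_i}$. If $\mathfrak{p}$ is principal, say $\mathfrak{p} = (\pi)$, then
we should have

$$\mathrm{Nm}(\mathfrak{p}B) = \mathrm{Nm}(\pi \cdot B) = \mathrm{Nm}(\pi) \cdot A = (\pi^m) = \mathfrak{p}^m, \quad m = [L:K].$$

Also, because Nm is to be a homomorphism, we should have

$$\mathrm{Nm}(\mathfrak{p}B) = \mathrm{Nm}\bigl(\prod \mathfrak{P}_i^{e_i}\bigr) = \prod \mathrm{Nm}(\mathfrak{P}_i)^{e_i}.$$

On comparing these two formulas, and recalling (3.34) that $m = \sum e_i f_i$, we see that we
should define $\mathrm{Nm}(\mathfrak{P}_i) = \mathfrak{p}^{f_i}$. We take this as our definition:

$$\mathrm{Nm}(\mathfrak{P}) = \mathfrak{p}^{f(\mathfrak{P}/\mathfrak{p})} \quad \text{where } \mathfrak{p} = \mathfrak{P} \cap A \text{ and } f(\mathfrak{P}/\mathfrak{p}) = [B/\mathfrak{P} : A/\mathfrak{p}].$$

To avoid confusion, I sometimes use $\mathcal{N}$ to denote norms of ideals.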

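If we have a tower of fields $M \supset L \supset K$, then

$$\mathcal{N}_{L/K}(\mathcal{N}_{M/L}\,\mathfrak{a}) = \mathcal{N}_{M/K}\,\mathfrak{a}$$

because $f(\mathfrak{Q}/\mathfrak{P}) \cdot f(\mathfrak{P}/\mathfrak{p}) = f(\mathfrak{Q}/\mathfrak{p})$, i.e., $[C/\mathfrak{Q} : B/\mathfrak{P}] \cdot [B/\mathfrak{P} : A/\mathfrak{p}] = [C/\mathfrak{Q} : A/\mathfrak{p}]$
where $C \supset B \supset A$ are the integral closures of $A$ in $M$, $L$, and $K$ respectively.

Proposition 4.1 Let $A \subset B$ and $K \subset L$ be as above.

(a) For any nonzero ideal $\mathfrak{a} \subset A$, $\mathcal{N}_{L/K}(\mathfrak{a}B) = \mathfrak{a}^m$, where $m = [L:K]$.

(b) Suppose $L$ is Galois over $K$. Let $\mathfrak{P}$ be a nonzero prime ideal of $B$ and let $\mathfrak{p} = \mathfrak{P} \cap A$.
Write $\mathfrak{p} \cdot B = (\mathfrak{P}_1 \cdots \mathfrak{P}_g)^e$ (cf. 3.34). Then

$$\mathcal{N}\mathfrak{P} \cdot B = (\mathfrak{P}_1 \cdots \mathfrak{P}_g)^{ef} = \prod_{\sigma \in \mathrm{Gal}(L/K)} \sigma\mathfrak{P}.$$

(c) For any nonzero element $\beta \in B$, $\mathrm{Nm}(\beta) \cdot A = \mathrm{Nm}(\beta \cdot B)$ (i.e., (12) commutes).

PROOF. (a) It suffices to prove this for a prime ideal $\mathfrak{p}$, and for such an ideal we have that

$$\mathcal{N}(\mathfrak{p}B) = \mathcal{N}\bigl(\prod \mathfrak{P}_i^{e_i}\bigr) = \mathfrak{p}^{\sum e_i f_i} = \mathfrak{p}^m \quad \text{(by 3.34)}.$$

(b) Since $\mathcal{N}\mathfrak{P}_i = \mathfrak{p}^f$ for each $i$, the first equality is obvious. In the course of the proof
of (3.34), we showed that $\mathrm{Gal}(L/K)$ acts transitively on the set $\{\mathfrak{P}_1, \ldots, \mathfrak{P}_g\}$, and it follows
that each $\mathfrak{P}_i$ occurs $\frac{m}{g} = ef$ times in the family $\{\sigma\mathfrak{P} \mid \sigma \in \mathrm{Gal}(L/K)\}$.

(c) Suppose first that $L$ is Galois over $K$, and let $\beta \cdot B = \mathfrak{b}$. The map $\mathfrak{a} \mapsto \mathfrak{a} \cdot B : \mathrm{Id}(A) \to
\mathrm{Id}(B)$ is injective (remember they are the free abelian groups on the sets of nonzero prime
ideals), and so it suffices to show that $\mathrm{Nm}(\beta) \cdot B = \mathrm{Nm}(\mathfrak{b}) \cdot B$. But

$$\mathrm{Nm}(\mathfrak{b}) \cdot B \overset{(b)}{=} \prod \sigma\mathfrak{b} = \prod (\sigma\beta \cdot B) = \bigl(\prod \sigma\beta\bigr) \cdot B = \mathrm{Nm}(\beta) \cdot B$$

as required.

In the general case, let $E$ be a finite Galois extension of $K$ containing $L$, and let
$d = [E:L]$. Let $C$ be the integral closure of $B$ in $E$. From (a), the Galois case, and the
transitivity of $\mathcal{N}$ we have that

$$\mathcal{N}_{L/K}(\beta \cdot B)^d = \mathcal{N}_{E/K}(\beta \cdot C) = \mathrm{Nm}_{E/K}(\beta) \cdot A = \mathrm{Nm}_{L/K}(\beta)^d \cdot A.$$

As the group of ideals $\mathrm{Id}(A)$ is torsion-free, this implies that $\mathcal{N}_{L/K}(\beta \cdot B) = \mathrm{Nm}_{L/K}(\beta) \cdot A$. □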

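Let $\mathfrak{a}$ be a nonzero ideal in the ring of integers $\mathcal{O}_K$ of a number field $K$. Then $\mathfrak{a}$ is of
finite index in $\mathcal{O}_K$, and we let $N\mathfrak{a}$, the numerical norm of $\mathfrak{a}$, be this index:

$$N\mathfrak{a} = (\mathcal{O}_K : \mathfrak{a}).$$

Proposition 4.2 Let $\mathcal{O}_K$ be the ring of integers in a number field $K$.

(a) For any ideal $\mathfrak{a}$ in $\mathcal{O}_K$, $\mathcal{N}_{K/\mathbb{Q}}(\mathfrak{a}) = (N(\mathfrak{a}))$; therefore $N(\mathfrak{a}\mathfrak{b}) = N(\mathfrak{a})N(\mathfrak{b})$.

(b) Let $\mathfrak{b} \subset \mathfrak{a}$ be fractional ideals in $K$; then

$$(\mathfrak{a} : \mathfrak{b}) = N(\mathfrak{a}^{-1}\mathfrak{b}).$$

PROOF. (a) Write $\mathfrak{a} = \prod \mathfrak{p}_i^{r_i}$, and let $f_i = f(\mathfrak{p}_i/p_i)$ where $(p_i) = \mathbb{Z} \cap \mathfrak{p}_i$; then $\mathcal{N}(\mathfrak{p}_i) =
(p_i)^{f_i}$. From the Chinese remainder theorem, $\mathcal{O}_K/\mathfrak{a} \simeq \prod \mathcal{O}_K/\mathfrak{p}_i^{r_i}$, and so $(\mathcal{O}_K : \mathfrak{a}) =
\prod (\mathcal{O}_K : \mathfrak{p}_i^{r_i})$. In the course of the proof of (3.34), we showed that $\mathcal{O}_K/\mathfrak{p}_i^{r_i}$ has a filtration of
length $r_i$ whose quotients are vector spaces of dimension $f_i$ over $\mathbb{F}_{p_i}$, and so $(\mathcal{O}_K : \mathfrak{p}_i^{r_i}) =
p_i^{f_i r_i}$. On taking the product over $i$, we find that $(\mathcal{O}_K : \mathfrak{a}) = \prod (p_i^{f_i r_i}) = \mathcal{N}_{K/\mathbb{Q}}\,\mathfrak{a}$. When
we identify the set of nonzero ideals in $\mathbb{Z}$ with the set of positive integers, then $\mathcal{N}$ becomes
identified with $N$, and so the multiplicativity of $N$ follows from that of $\mathcal{N}$.

(b) For any nonzero $d \in K$, the map $x \mapsto dx : K \to K$ is an additive isomorphism, and
so $(d\mathfrak{a} : d\mathfrak{b}) = (\mathfrak{a} : \mathfrak{b})$. Since $(d\mathfrak{a})(d\mathfrak{b})^{-1} = \mathfrak{a}\mathfrak{b}^{-1}$, we may suppose that $\mathfrak{a}$ and $\mathfrak{b}$ are integral
ideals. The required formula then follows from (a) and the formulas

$$(\mathcal{O}_K : \mathfrak{a})(\mathfrak{a} : \mathfrak{b}) = (\mathcal{O}_K : \mathfrak{b})$$

and

$$N(\mathfrak{a}) \cdot N(\mathfrak{a}^{-1}\mathfrak{b}) = N(\mathfrak{b}). \qquad □$$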


Statement of the main theorem and its consequences 

We now state the main theorem of this section and discuss some of its consequences. 

Theorem 4.3 Let $K$ be an extension of degree $n$ of $\mathbb{Q}$, and let $\Delta_K$ be the discriminant of
$K/\mathbb{Q}$. Let $2s$ be the number of nonreal complex embeddings of $K$. Then there exists a set
of representatives for the ideal class group of $K$ consisting of integral ideals $\mathfrak{a}$ with

$$N(\mathfrak{a}) \leq \frac{n!}{n^n} \left(\frac{4}{\pi}\right)^{s} |\Delta_K|^{1/2}.$$

The number on the right is called the Minkowski bound; we sometimes denote it
by $B_K$. The term $C_K = \frac{n!}{n^n} \left(\frac{4}{\pi}\right)^{s}$ is called the Minkowski constant. It takes the following
values:

     n      r      s      C
     2      0      1      0.637
     2      2      0      0.500
     3      1      1      0.283
     3      3      0      0.222
     4      0      2      0.152
     4      2      1      0.119
     4      4      0      0.094
     5      1      2      0.062
     5      3      1      0.049
     5      5      0      0.038
   100    100      0      $0.93 \times 10^{-42}$

Here $r$ is the number of real embeddings of $K$. We have

$$K \otimes_{\mathbb{Q}} \mathbb{R} \approx \mathbb{R}^r \times \mathbb{C}^s,$$

and, if $K = \mathbb{Q}[\alpha]$ and $f(X)$ is the minimum polynomial of $\alpha$, then $r$ is the number of real
roots of $f(X)$ and $2s$ is the number of its nonreal roots. To see that these descriptions of $r$
and $s$ agree, apply (1.18).
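
The entries of the table follow directly from the formula $C_K = \frac{n!}{n^n}\left(\frac{4}{\pi}\right)^s$. A short Python sketch that recomputes them (the function names `minkowski_constant` and `minkowski_bound` are hypothetical, and floating-point arithmetic is assumed to be accurate enough for three significant digits):

```python
from math import factorial, pi


def minkowski_constant(n, s):
    """C_K = n!/n^n * (4/pi)^s for a field of degree n with 2s nonreal embeddings."""
    return factorial(n) / n**n * (4 / pi) ** s


def minkowski_bound(n, s, disc):
    """B_K = C_K * |disc|^(1/2)."""
    return minkowski_constant(n, s) * abs(disc) ** 0.5


# (n, s) pairs in the order of the table; r = n - 2s
for n, s in [(2, 1), (2, 0), (3, 1), (3, 0), (4, 2), (4, 1), (4, 0),
             (5, 2), (5, 1), (5, 0), (100, 0)]:
    print(n, n - 2 * s, s, f"{minkowski_constant(n, s):.3g}")
```

For instance, `minkowski_bound(3, 1, -4027)` is a little under 18, the bound for the cubic field of Example 3.48.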

Before proving (4.3), we give some applications and examples. 

Theorem 4.4 The class number of $K$ is finite.

PROOF. It suffices to show that there are only finitely many integral ideals $\mathfrak{a}$ in $\mathcal{O}_K$ such that
$N(\mathfrak{a})$ is less than the Minkowski bound; in fact, we shall show that, for any integer $M$, there
are only finitely many integral ideals $\mathfrak{a}$ with $N(\mathfrak{a}) < M$. If $\mathfrak{a} = \prod \mathfrak{p}_i^{r_i}$, then $N(\mathfrak{a}) = \prod p_i^{r_i f_i}$
where $(p_i) = \mathfrak{p}_i \cap \mathbb{Z}$. As $N(\mathfrak{a}) < M$, this allows only finitely many possibilities for the $p_i$
(and hence for the $\mathfrak{p}_i$), and only finitely many possibilities for the exponents $r_i$. □

Let $S$ be the set of integral ideals in $K$ with norm $< B_K$. Then $S$ is a finite set, and
$\mathrm{Cl}(\mathcal{O}_K) = S/\sim$, where $\mathfrak{a} \sim \mathfrak{b}$ if one ideal is the product of the other with a principal
(fractional) ideal. There is an algorithm for finding $S$, and an algorithm for deciding whether
$\mathfrak{a} \sim \mathfrak{b}$, and so there is an algorithm for finding $\mathrm{Cl}(\mathcal{O}_K)$ (the group, not just its order). To find
$S$, find the prime ideal factors of enough prime numbers, and form some of their products.
To decide whether $\mathfrak{a} \sim \mathfrak{b}$, one has to decide whether $\mathfrak{c} = \mathfrak{a}\mathfrak{b}^{-1}$ is principal. From (4.2b) we
know that, for $\gamma \in \mathfrak{c}$,

$$\mathfrak{c} = (\gamma) \iff N\mathfrak{c} = |\mathrm{Nm}\,\gamma|$$

and so we have to solve the equation:

$$\mathrm{Nm}\,\gamma = \text{constant}.$$

When we express $\gamma$ in terms of an integral basis, this becomes a (very special) type of
diophantine equation. For descriptions of algorithms for finding $\mathrm{Cl}(\mathcal{O}_K)$, see Cohen 1993,
6.5, and Pohst and Zassenhaus 1989, p. 424.

Example 4.5 Let $K = \mathbb{Q}[i]$. The condition in Theorem 4.3 is that $N(\mathfrak{a}) \leq \frac{2}{4} \cdot \frac{4}{\pi} \cdot 2 = \frac{4}{\pi} < 1.28$.
There are no such ideals other than $\mathbb{Z}[i]$, and so $\mathbb{Z}[i]$ is a principal ideal domain. (Of course,
the elementary proof of this shows more, namely, that $\mathbb{Z}[i]$ is a Euclidean domain. Even
for rings of integers in number fields, it is not true that all principal ideal domains are
Euclidean domains. For example, $\mathbb{Q}[\sqrt{-19}]$ has class number 1, but its ring of integers is not
a Euclidean domain. For more on such things, see the survey article Lemmermeyer 1995.¹)

Example 4.6 Let $K = \mathbb{Q}[\sqrt{-5}]$. Here $N(\mathfrak{a}) \leq 0.64 \times \sqrt{20} < 3$. Every ideal satisfying this
must divide (2). In fact, $(2) = \mathfrak{p}^2$ where $\mathfrak{p} = (2, 1 + \sqrt{-5})$, and $N\mathfrak{p}^2 = N(2) = 4$, and so
$N\mathfrak{p} = 2$. The ideals $\mathcal{O}_K$ and $\mathfrak{p}$ form a set of representatives for $\mathrm{Cl}(\mathbb{Z}[\sqrt{-5}])$. The ideal
$\mathfrak{p}$ can’t be principal because there does not exist an element $\alpha = m + n\sqrt{-5}$ such that
$\mathrm{Nm}(\alpha) = m^2 + 5n^2 = 2$, and so $\mathrm{Cl}(\mathbb{Z}[\sqrt{-5}])$ has order 2.
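
The key step in Example 4.6 is that the norm equation $m^2 + 5n^2 = 2$ has no integer solutions. A brute-force Python sketch of such a search (the function name `elements_of_norm` is hypothetical; it handles only the rings $\mathbb{Z}[\sqrt{-d}]$ with $d > 0$, where the norm form $m^2 + dn^2$ is positive definite and the search is finite):

```python
from math import isqrt


def elements_of_norm(N, d=5):
    """All (m, n) in Z^2 with m*m + d*n*n == N, i.e. m + n*sqrt(-d) of norm N."""
    sols = set()
    bound = isqrt(N // d)             # |n| <= sqrt(N/d)
    for n in range(-bound, bound + 1):
        rest = N - d * n * n
        m = isqrt(rest)
        if m * m == rest:
            sols.update({(m, n), (-m, n)})
    return sorted(sols)


print(elements_of_norm(2))   # no element of norm 2, so p is not principal
print(elements_of_norm(4))   # norm 4 is attained by +-2, consistent with p^2 = (2)
```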

Example 4.7 Let $K$ be a cubic field with discriminant $< 0$. Since the sign of $\Delta_K$ is $(-1)^s$,
and $[K : \mathbb{Q}] = r + 2s$, we have $s = 1$, $r = 1$. The Minkowski bound is

$$B_K < 0.283\,|\Delta_K|^{1/2}.$$

For $|\Delta_K| \leq 49$, $B_K < 2$, and so for cubic fields with $-49 \leq \Delta_K < 0$, the class number $h = 1$.
For example, this is true for the number fields with discriminants $-23$ and $-31$ discussed
earlier (see 2.36, 2.37).

For the stem field of $X^3 + 10X + 1$, the discriminant is $-4027$, and the Minkowski
bound is $< 18$. Recall from (3.48) that

$$(2) = (2, 1 + \alpha)(2, 1 + \alpha + \alpha^2).$$

Let $\mathfrak{p} = (2, 1 + \alpha)$; its norm is 2. One can show that it generates the class group, and that
it has order 6 in the class group, i.e., $\mathfrak{p}^6$ but no smaller power is principal. Hence the class
group is cyclic of order 6. (The proof takes quite a bit of hard work if you do it by hand;
see Artin 1959, 12.6, 13.3. Using PARI, you can type “bnfclgp(X^3+10*X+1)”.)

¹ Lemmermeyer, Franz. The Euclidean algorithm in algebraic number fields. Exposition. Math. 13 (1995),
no. 5, 385-416.

Example 4.8 Let $\alpha$ be a root of $f(X) = X^5 - X - 1$. We saw in (2.39) that $f(X)$ is
irreducible and its discriminant is $19 \times 151$, and so the ring of integers of $\mathbb{Q}[\alpha]$ is $\mathbb{Z}[\alpha]$.

According to Theorem 4.3, every class of ideals for $\mathbb{Q}[\alpha]$ contains an integral ideal $\mathfrak{a}$
with

$$N(\mathfrak{a}) < 0.063 \times \sqrt{19 \times 151} < 3.4 < 4.$$

If $\mathfrak{p}$ is a prime ideal with $N(\mathfrak{p}) = 2$, then the residue field at $\mathfrak{p}$ must be $\mathbb{F}_2$, and $f(X)$ must
have a root mod 2; however, both $f(0)$ and $f(1)$ are odd, and so $f(X)$ doesn’t have a root
in $\mathbb{F}_2$, which shows that $\mathfrak{p}$ doesn’t exist. Similarly, there is no prime ideal $\mathfrak{p}$ with $N(\mathfrak{p}) = 3$,
and so $\mathcal{O}_K$ is a principal ideal domain!

The Galois group of the splitting field $M$ of $f(X)$ is $S_5$ (later we shall see how to
find Galois groups; for the moment type “polgalois(X^5-X-1)” in PARI), and hence
$[M : \mathbb{Q}] = 120$. It is possible to show that $M$ is unramified over $\mathbb{Q}[\sqrt{19 \times 151}]$.


An extension $L$ of a number field $K$ is said to be unramified over $K$ if no prime ideal
of $\mathcal{O}_K$ ramifies in $\mathcal{O}_L$.

Theorem 4.9 There does not exist an unramified extension of $\mathbb{Q}$.

PROOF. Let $K$ be a finite extension of $\mathbb{Q}$ of degree $n > 1$. Since a set of representatives for the class group
must have at least one element, and that element will have numerical norm $\geq 1$, Theorem
4.3 shows that

$$|\Delta|^{1/2} \geq \frac{n^n}{n!} \left(\frac{\pi}{4}\right)^{s} \geq \frac{n^n}{n!} \left(\frac{\pi}{4}\right)^{n/2}.$$

Let $a_n$ = rhs. Then $a_2 > 1$, and $\frac{a_{n+1}}{a_n} = \left(\frac{\pi}{4}\right)^{1/2} \left(1 + \frac{1}{n}\right)^n > 1$, and so the sequence $a_n$ is
monotonically increasing. Hence the discriminant of $K$ has absolute value $> 1$, and we know
from (3.35) that any prime dividing the discriminant ramifies. □
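
The two numerical claims in the proof, $a_2 > 1$ and $a_{n+1}/a_n > 1$, can be spot-checked with a few lines of Python. This is only a floating-point sanity check over a finite range (the function name `lower_bound` is hypothetical), not a substitute for the argument above.

```python
from math import factorial, pi


def lower_bound(n):
    """a_n = n^n / n! * (pi/4)^(n/2), a lower bound for |disc|^(1/2) in degree n."""
    return n**n / factorial(n) * (pi / 4) ** (n / 2)


for n in range(2, 8):
    ratio = lower_bound(n + 1) / lower_bound(n)
    predicted = (pi / 4) ** 0.5 * (1 + 1 / n) ** n
    print(n, round(lower_bound(n), 4), round(ratio, 4), round(predicted, 4))
```

The first value printed is $a_2 = \pi/2 \approx 1.57$, and the last two columns agree, as the formula for the ratio predicts.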


Corollary 4.10 There does not exist an irreducible monic polynomial $f(X) \in \mathbb{Z}[X]$ of
degree $> 1$ with discriminant $\pm 1$.

PROOF. Let $f(X)$ be such a polynomial, and let $\alpha$ be a root of $f(X)$. Then $\mathrm{disc}(\mathbb{Z}[\alpha]/\mathbb{Z}) =
\pm 1$, and so $\mathbb{Z}[\alpha]$ is the ring of integers in $K \overset{\mathrm{def}}{=} \mathbb{Q}[\alpha]$ and $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) = \pm 1$, which
contradicts the theorem. □


Remark 4.11 There may exist unramified extensions of number fields other than $\mathbb{Q}$. In
fact, class field theory says that the maximal abelian unramified² extension of $K$ (called the
Hilbert class field of $K$) has Galois group canonically isomorphic to $\mathrm{Cl}(\mathcal{O}_K)$. For example,
the theory says that $\mathbb{Q}[\sqrt{-5}]$ has an unramified extension of degree 2, and one verifies that
$\mathbb{Q}[\sqrt{-1}, \sqrt{-5}]$ is unramified over $\mathbb{Q}[\sqrt{-5}]$. In particular, the discriminant of $\mathbb{Q}[\sqrt{-1}, \sqrt{-5}]$
over $\mathbb{Q}[\sqrt{-5}]$ is a unit.³

² The Hilbert class field $L$ of $K$ is required to be unramified even at the infinite primes; this means that
every real embedding of $K$ extends to a real embedding of $L$.

³ The ring of integers in $\mathbb{Q}[\sqrt{-1}, \sqrt{-5}]$ is $\mathbb{Z}[\sqrt{-1}, (1 + \sqrt{5})/2]$, which properly contains $\mathbb{Z}[\sqrt{-1}, \sqrt{-5}]$.

Remark 4.12 Let $K_1$ be a number field with class number $h_{K_1} > 1$. Its Hilbert class field
is an abelian unramified extension $K_2$ of $K_1$ with $\mathrm{Gal}(K_2/K_1) \simeq \mathrm{Cl}(K_1)$. Let $K_3$ be the
Hilbert class field of $K_2$, and so on. In this way, we obtain a tower of fields,

$$K_1 \subset K_2 \subset K_3 \subset \cdots$$

It was a famous question (class field tower problem) to decide whether this tower can be
infinite, or must always terminate with a field of class number 1 after a finite number of steps.
It was shown by Golod and Shafarevich in the early 60s that the tower is frequently infinite.
See Roquette 1967.

If $K$ has class number 1, then it has no abelian unramified extensions, but it may have
nonabelian unramified extensions, even infinite (see, for example, D. Brink, Remark on
infinite unramified extensions of number fields with class number one, J. Number Theory
130 (2010), 304-306; mo53530).

Lattices 

Let $V$ be a vector space of dimension $n$ over $\mathbb{R}$. A lattice $\Lambda$ in $V$ is a subgroup of the form

$$\Lambda = \mathbb{Z}e_1 + \cdots + \mathbb{Z}e_r$$

with $e_1,\ldots,e_r$ linearly independent elements of $V$. Thus a lattice is the free abelian subgroup
of $V$ generated by elements of $V$ that are linearly independent over $\mathbb{R}$. When $r = n$, the
lattice is said to be full. At the opposite extreme, $\Lambda = \{0\}$ is a lattice (generated by the
empty set of elements). In terms of tensor products, one can say that a full lattice in $V$ is a
subgroup $\Lambda$ of $V$ such that the map

$$\sum r_i \otimes x_i \mapsto \sum r_i x_i \colon \mathbb{R} \otimes_{\mathbb{Z}} \Lambda \to V$$

is an isomorphism.

Nonexample 4.13 The subgroup $\mathbb{Z} + \mathbb{Z}\sqrt{2}$ of $\mathbb{R}$ is a free abelian group of rank 2 (because
$\sqrt{2}$ is not rational), but it is not a lattice in $\mathbb{R}$.
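One way to see why the subgroup in Nonexample 4.13 fails to be a lattice is to exhibit nonzero elements of it that are arbitrarily close to 0. The following is only an illustrative sketch: it uses the powers of $\sqrt{2}-1$, which lie in the subgroup and tend to 0; the function name `powers_of_sqrt2_minus_1` is hypothetical and not taken from the text.

```python
import math

def powers_of_sqrt2_minus_1(count):
    """Return [(a, b, value)] with (sqrt(2) - 1)**k = a + b*sqrt(2) for k = 1..count."""
    a, b = 1, 0  # the element 1 = 1 + 0*sqrt(2)
    out = []
    for _ in range(count):
        # (a + b*sqrt2) * (-1 + sqrt2) = (-a + 2b) + (a - b)*sqrt2
        a, b = -a + 2 * b, a - b
        out.append((a, b, a + b * math.sqrt(2)))
    return out

small_elements = powers_of_sqrt2_minus_1(10)
for a, b, value in small_elements:
    print(f"{a:6d} + {b:6d}*sqrt(2) = {value:.6f}")
```

The printed values are positive and shrink geometrically, so no neighbourhood of 0 meets the subgroup only in 0.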

We shall need another criterion for a subgroup $\Lambda$ of $V$ to be a lattice. The choice
of a basis for $V$ determines an isomorphism of $V$ with $\mathbb{R}^n$, and hence a topology on $V$;
the topology is independent of the basis, because every linear automorphism of $\mathbb{R}^n$ is a
homeomorphism. A subgroup $\Lambda$ of $V$ is said to be discrete if it is discrete in the induced
topology. A topological space is discrete if its points (hence all subsets) are open, and so to
say that $\Lambda$ is discrete means that every point $\alpha$ of $\Lambda$ has a neighbourhood $U$ in $V$ such that
$U \cap \Lambda = \{\alpha\}$.

Lemma 4.14 The following conditions on a subgroup $\Lambda$ of a finite-dimensional real vector
space $V$ are equivalent:

(a) $\Lambda$ is a discrete subgroup;

(b) there is an open subset $U$ of $V$ such that $U \cap \Lambda = \{0\}$;

(c) each compact subset of $V$ intersects $\Lambda$ in a finite set;

(d) each bounded subset of $V$ intersects $\Lambda$ in a finite set.

PROOF. (a) $\iff$ (b). Obviously (a) implies (b). For the converse, note that the translation
map $x \mapsto \alpha + x \colon V \to V$ is a homeomorphism, and so, if $U$ is a neighbourhood of 0 such
that $U \cap \Lambda = \{0\}$, then $\alpha + U$ is a neighbourhood of $\alpha$ such that $(\alpha + U) \cap \Lambda = \{\alpha\}$.

(a) $\Rightarrow$ (c). Condition (a) says that $\Lambda$ is a discrete space for the induced topology. Hence,
if $C$ is compact, then $C \cap \Lambda$ is both discrete and compact,⁴ and therefore must be finite.

(c) $\Rightarrow$ (d). The closure of a bounded set in $\mathbb{R}^n$ (hence in $V$) is compact, and so this is
obvious.

(d) $\Rightarrow$ (b). Let $U$ be a bounded open neighbourhood of 0. Then $S = U \cap \Lambda \smallsetminus \{0\}$ is finite
and hence closed, and so $U \smallsetminus S$ is an open neighbourhood of 0 such that
$(U \smallsetminus S) \cap \Lambda = \{0\}$. □

Proposition 4.15 A subgroup $\Lambda$ of $V$ is a lattice if and only if it is discrete.

PROOF. Clearly, a lattice is discrete. For the converse, let $\Lambda$ be a discrete subgroup of $V$,
and choose a maximal $\mathbb{R}$-linearly independent subset $\{e_1,\ldots,e_r\}$ of $\Lambda$. We shall argue by
induction on $r$.

If $r = 0$, $\Lambda = 0$, and there is nothing to prove.

If $r = 1$, then $\Lambda \subset \mathbb{R}e_1$. Because $\Lambda$ is discrete, for each $M > 0$,

$$\{ae_1 \mid |a| < M\} \cap \Lambda$$

is finite, and so there is an $f \in \Lambda$ such that, when we write $f = ae_1$, $a$ attains its minimum
value $> 0$. I claim $\Lambda = \mathbb{Z}f$. Any $\alpha \in \Lambda \smallsetminus \mathbb{Z}f$ will equal $(m + b)f$ for some $m \in \mathbb{Z}$ and $b$
with $0 < b < 1$; but then $\alpha - mf = bf = abe_1$, and $0 < ab < a$, which contradicts our
choice of $f$.

If $r > 1$, we let $\Lambda' = \Lambda \cap (\mathbb{R}e_1 + \cdots + \mathbb{R}e_{r-1})$. Clearly this is a discrete subgroup of
the vector space $V' \overset{\text{def}}{=} \mathbb{R}e_1 + \cdots + \mathbb{R}e_{r-1}$ and so, by induction, $\Lambda' = \mathbb{Z}f_1 + \cdots + \mathbb{Z}f_{r-1}$ for
some $f_i$ that are linearly independent over $\mathbb{R}$ (and hence also form a basis for $V'$). Every
$\alpha \in \Lambda$ can be written uniquely

$$\alpha = a_1f_1 + \cdots + a_{r-1}f_{r-1} + ae_r, \quad a_i, a \in \mathbb{R}.$$

Let $\varphi \colon \Lambda \to \mathbb{R}$ be the map $\alpha \mapsto a$, and let $\Lambda'' = \mathrm{Im}(\varphi)$. Note that $a$ is also the image of

$$(a_1 - [a_1])f_1 + \cdots + (a_{r-1} - [a_{r-1}])f_{r-1} + ae_r, \quad [*] = \text{integer part},$$

and so each element $a \in \Lambda''$ in a bounded set, say with $0 \le |a| < M$, is the image of an
element of $\Lambda$ in a bounded set,

$$0 \le a_i < 1, \quad i = 1,\ldots,r-1, \quad |a| < M.$$

Thus there are only finitely many such $a$'s, and so $\Lambda''$ is a lattice in $\mathbb{R}$, say $\Lambda'' = \mathbb{Z} \cdot \varphi(f_r)$,
$f_r \in \Lambda$.

4 I am implicitly using that a discrete subgroup of a Hausdorff group is closed (note that a discrete subset
need not be closed, e.g., $\{1/n \mid n$ an integer $> 0\}$ is not closed in the real numbers). Here is the proof. Let $H$ be
a discrete subgroup of a Hausdorff group $G$. There exists a neighbourhood $U$ of 1 such that $U \cap H = 1$; choose
a neighbourhood $V$ of 1 such that $V^{-1}V$ is contained in $U$. For distinct elements $a$ and $b$ of $H$, $Va$ and $Vb$ are
disjoint. Let $g$ lie in the closure of $H$, so that $H \cap V^{-1}g$ is nonempty. If $a$ lies in $H \cap V^{-1}g$, say $a = v^{-1}g$,
then $g \in Va$. This shows that $H \cap V^{-1}g = \{a\}$. As $g$ is in the closure of $H$, this implies that $g = a$, and so $g$
lies in $H$. More generally, every locally compact subgroup of a Hausdorff group is closed.

Let $\alpha \in \Lambda$. Then $\varphi(\alpha) = a\varphi(f_r)$ for some $a \in \mathbb{Z}$, and $\varphi(\alpha - af_r) = 0$. Therefore
$\alpha - af_r \in \Lambda'$, and so it can be written

$$\alpha - af_r = a_1f_1 + \cdots + a_{r-1}f_{r-1}, \quad a_i \in \mathbb{Z}.$$

Hence

$$\alpha = a_1f_1 + \cdots + a_{r-1}f_{r-1} + af_r, \quad a_i, a \in \mathbb{Z},$$

which proves that $\Lambda = \sum \mathbb{Z}f_i$. □


Let $V$ be a real vector space of dimension $n$, and let $\Lambda$ be a full lattice in $V$, say
$\Lambda = \sum \mathbb{Z}e_i$. For any $\lambda_0 \in \Lambda$, let

$$D = \{\lambda_0 + \textstyle\sum a_ie_i \mid 0 \le a_i < 1\}.$$

Such a set is called a fundamental parallelopiped for $\Lambda$. The shape of the parallelopiped
depends on the choice of the basis $(e_i)$, but if we fix the basis and vary $\lambda_0 \in \Lambda$, then the
parallelopipeds cover $\mathbb{R}^n$ without overlaps.

Remark 4.16 (a) For a fundamental parallelopiped $D$ of a full lattice

$$\Lambda = \mathbb{Z}f_1 + \cdots + \mathbb{Z}f_n$$

in $\mathbb{R}^n$, the volume of $D$ is

$$\mu(D) = |\det(f_1,\ldots,f_n)|.$$

(See any good book on calculus.) If also

$$\Lambda = \mathbb{Z}f_1' + \mathbb{Z}f_2' + \cdots + \mathbb{Z}f_n',$$

then the matrix relating $\{f_i\}$ and $\{f_i'\}$ has determinant $\pm 1$, and so the
volume of the fundamental parallelopiped doesn't depend on the choice of the basis for $\Lambda$.

(b) When $\Lambda \supset \Lambda'$ are two full lattices in $\mathbb{R}^n$, we can choose bases $\{e_i\}$ and $\{f_i\}$ for $\Lambda$ and
$\Lambda'$ such that $f_i = m_ie_i$ with $m_i$ a positive integer. With this choice of bases, the fundamental
parallelopiped $D'$ of $\Lambda'$ is a disjoint union of $(\Lambda : \Lambda')$ translates of the fundamental
parallelopiped $D$ of $\Lambda$. Hence

$$\frac{\mu(D')}{\mu(D)} = (\Lambda : \Lambda'). \qquad (*)$$

As we noted above, the choice of a basis for $V$ determines an isomorphism $V \approx \mathbb{R}^n$,
and hence a measure $\mu$ on $V$. This measure is translation invariant (because the Lebesgue
measure on $\mathbb{R}^n$ is translation invariant), and well-defined up to multiplication by a nonzero
constant (depending on the choice of the basis).⁵ Thus the ratio of the measures of two sets
is well-defined, and the equation (*) holds for two full lattices $\Lambda \supset \Lambda'$ in $V$.
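As an illustration of (*) in the plane, the following sketch takes $\Lambda = \mathbb{Z}^2$ (so $\mu(D) = 1$) and a sublattice $\Lambda'$ spanned by two integer vectors, and counts the points of $\mathbb{Z}^2$ lying in the half-open fundamental parallelopiped of $\Lambda'$. These points are coset representatives for $\Lambda/\Lambda'$, so their number should equal $|\det|$. The helper names and the sample basis are assumptions made for the example only.

```python
from fractions import Fraction

def det2(u, v):
    """Determinant of the 2x2 matrix with rows u and v."""
    return u[0] * v[1] - u[1] * v[0]

def points_in_parallelogram(f1, f2):
    """Integer points a1*f1 + a2*f2 with 0 <= a1, a2 < 1 (f1, f2 independent integer vectors)."""
    d = det2(f1, f2)
    xs = [0, f1[0], f2[0], f1[0] + f2[0]]
    ys = [0, f1[1], f2[1], f1[1] + f2[1]]
    pts = []
    for x in range(min(xs), max(xs) + 1):
        for y in range(min(ys), max(ys) + 1):
            # Cramer's rule gives the coordinates of (x, y) in the basis f1, f2.
            a1 = Fraction(det2((x, y), f2), d)
            a2 = Fraction(det2(f1, (x, y)), d)
            if 0 <= a1 < 1 and 0 <= a2 < 1:
                pts.append((x, y))
    return pts

f1, f2 = (2, 1), (0, 3)
coset_reps = points_in_parallelogram(f1, f2)
index = len(coset_reps)
print(index, abs(det2(f1, f2)))  # both numbers equal the index of the sublattice
```

Exact rational arithmetic is used so that points on the boundary are classified correctly.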

Theorem 4.17 Let $D_0$ be a fundamental parallelopiped for a full lattice $\Lambda$ in $V$, and let $S$ be
a measurable subset in $V$. If $\mu(S) > \mu(D_0)$, then $S$ contains distinct points $\alpha$ and $\beta$ such
that $\beta - \alpha \in \Lambda$.

5 The experts will recognize $\mu$ as being a Haar measure on $V$.

PROOF. The set $S \cap D$ is measurable for all fundamental parallelopipeds $D$, and

$$\mu(S) = \sum \mu(S \cap D)$$

(sum over translates of $D$ by elements of $\Lambda$). For each $D$, a (unique) translate of $S \cap D$ by
an element of $\Lambda$ will be a subset of $D_0$. Since $\mu(S) > \mu(D_0)$, at least two of these sets will
overlap, i.e., there exist elements $\alpha, \beta \in S$ such that

$$\alpha - \lambda = \beta - \lambda', \quad \text{some distinct } \lambda, \lambda' \in \Lambda.$$

Then $\beta - \alpha \in \Lambda$. □

Remark 4.18 In the language of differential geometry, the theorem can be given a more
geometric statement. Let $M = V/\Lambda$; it is an $n$-dimensional torus. The measure $\mu$ on $V$
defines a measure on $M$ for which $M$ has measure $\mu(M) = \mu(D)$. The theorem says that if
$\mu(S) > \mu(M)$, then the restriction of the quotient map $V \to M$ to $S$ can't be injective.

Let $T$ be a set such that

$$\alpha, \beta \in T \implies \tfrac{1}{2}(\alpha - \beta) \in T, \qquad (**)$$

and let $S = \tfrac{1}{2}T$. Then $T$ contains the difference of any two points of $S$, and so $T$ will
contain a point of $\Lambda$ other than the origin whenever

$$\mu(D) < \mu(\tfrac{1}{2}T) = 2^{-n}\mu(T),$$

i.e., whenever

$$\mu(T) > 2^n\mu(D).$$

We say that a set $T$ is convex if, with any two points, it contains the line segment joining the
two points, and that $T$ is symmetric in the origin if $\alpha \in T$ implies $-\alpha \in T$. A convex set,
symmetric in the origin, obviously satisfies (**), and so it will contain a point of $\Lambda \smallsetminus \{0\}$ if
its volume is greater than $2^n\mu(D)$.

Theorem 4.19 (Minkowski's) Let $T$ be a subset of $V$ that is compact, convex, and
symmetric in the origin. If

$$\mu(T) \ge 2^n\mu(D)$$

then $T$ contains a point of the lattice other than the origin.

PROOF. Replace $T$ with $(1+\varepsilon)T$, $\varepsilon > 0$. Then

$$\mu((1+\varepsilon)T) = (1+\varepsilon)^n\mu(T) > 2^n\mu(D),$$

and so $(1+\varepsilon)T$ contains a point of $\Lambda$ other than the origin (see the preceding remark). It
will contain only finitely many such points because $\Lambda$ is discrete and $(1+\varepsilon)T$ is compact.
Because $T$ is closed,

$$T = \bigcap_{\varepsilon > 0}(1+\varepsilon)T.$$

If none of the (finitely many) points of $\Lambda \cap (1+\varepsilon)T$ other than the origin is in $T$, we will
be able to shrink $(1+\varepsilon)T$ (keeping $\varepsilon > 0$) so that it contains no point of $\Lambda$ other than the
origin, which is a contradiction. □

Remark 4.20 Theorem 4.19 was discovered by Minkowski in 1896. Although it is almost
trivial to prove, it has lots of nontrivial consequences, and was the starting point for the branch
of number theory called the “geometry of numbers”. We give one immediate application of
it to prove that every positive integer is a sum of four squares of integers.

From the identity

$$(a^2+b^2+c^2+d^2)(A^2+B^2+C^2+D^2) = (aA - bB - cC - dD)^2 + (aB + bA + cD - dC)^2 + (aC - bD + cA + dB)^2 + (aD + bC - cB + dA)^2,$$

we see that it suffices to prove that a prime $p$ is a sum of four squares.

Since

$$2 = 1^2 + 1^2 + 0^2 + 0^2,$$

we can suppose that $p$ is odd. I claim that the congruence

$$m^2 + n^2 + 1 \equiv 0 \mod p$$

has a solution in $\mathbb{Z}$. As $m$ runs through $0, 1, \ldots, p-1$, $m^2$ takes exactly $(p+1)/2$ distinct
values modulo $p$, and similarly for $-1 - n^2$. For the congruence to have no solution, all
these values, $p + 1$ in total, must be distinct, but this is impossible.

Fix a solution $m, n$ to the congruence, and consider the lattice $\Lambda \subset \mathbb{Z}^4$ consisting of
$(a,b,c,d)$ such that

$$c \equiv ma + nb, \quad d \equiv mb - na \mod p.$$

Then $\mathbb{Z}^4 \supset \Lambda \supset p\mathbb{Z}^4$ and $\Lambda/p\mathbb{Z}^4$ is a 2-dimensional subspace of $\mathbb{F}_p^4$ (the $a$ and $b$ can be
arbitrary mod $p$, but then $c$ and $d$ are determined). Hence $\Lambda$ has index $p^2$ in $\mathbb{Z}^4$, and so the
volume of a fundamental parallelopiped is $p^2$. Let $T$ be a closed ball of radius $r$ centered at
the origin. Then $T$ has volume $\pi^2r^4/2$, and so if we choose $r$ so that $2p > r^2 > 1.9p$ say,
then

$$\mu(T) > 16\mu(D).$$

According to Minkowski's theorem, there is a point $(a,b,c,d) \in (\Lambda \smallsetminus \{0\}) \cap T$. Because
$(a,b,c,d) \in \Lambda$,

$$a^2+b^2+c^2+d^2 \equiv a^2(1+m^2+n^2) + b^2(1+m^2+n^2) \equiv 0 \mod p,$$

and because $(a,b,c,d) \in T$,

$$a^2+b^2+c^2+d^2 < 2p.$$

As $a^2+b^2+c^2+d^2$ is a positive integer, these conditions imply that it equals $p$.

This result was stated by Fermat. Euler tried to prove it over a period of 40 years, and
Lagrange succeeded in 1770.
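The argument in Remark 4.20 is an existence proof, but for small primes the lattice point it promises can be found by exhaustive search. The sketch below is an illustration only, not an efficient algorithm: it solves the congruence by brute force, then searches the pairs $(a,b)$ with $|a|,|b| \le \sqrt{p}$, taking $c$ and $d$ to be the representatives of $ma+nb$ and $mb-na$ of least absolute value. The function names are hypothetical.

```python
from math import isqrt

def solve_congruence(p):
    """Find (m, n) with m^2 + n^2 + 1 = 0 mod p, for an odd prime p."""
    squares = {(m * m) % p: m for m in range(p)}
    for n in range(p):
        target = (-1 - n * n) % p
        if target in squares:
            return squares[target], n
    raise ValueError("no solution found; p should be an odd prime")

def centered(x, p):
    """Representative of x mod p with absolute value at most (p - 1) / 2."""
    x %= p
    return x - p if x > p // 2 else x

def four_squares(p):
    """Return (a, b, c, d) in the lattice of Remark 4.20 with a^2+b^2+c^2+d^2 = p."""
    m, n = solve_congruence(p)
    bound = isqrt(p)
    for a in range(-bound, bound + 1):
        for b in range(-bound, bound + 1):
            c = centered(m * a + n * b, p)
            d = centered(m * b - n * a, p)
            if a * a + b * b + c * c + d * d == p:
                return a, b, c, d
    raise AssertionError("not expected for an odd prime p, by Minkowski's theorem")

for p in (3, 5, 7, 11, 13):
    print(p, four_squares(p))
```

Restricting $c$ and $d$ to least-absolute-value representatives loses nothing, since any solution has $|c|, |d| \le \sqrt{p} \le (p-1)/2$ for an odd prime $p$.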


Some calculus 

4.21 Let $V$ be a finite-dimensional real vector space. A norm on $V$ is a function $\|\cdot\| \colon V \to \mathbb{R}$
such that

(a) for all $x \in V$, $\|x\| \ge 0$, and $\|x\| = 0 \iff x = 0$;

(b) for $r \in \mathbb{R}$ and $x \in V$, $\|rx\| = |r|\|x\|$;

(c) (triangle law) for $x, y \in V$, $\|x + y\| \le \|x\| + \|y\|$.

Let $V = \mathbb{R}^r \times \mathbb{C}^s$; it is a real vector space of dimension $n = r + 2s$. Define a norm on
$V$ by

$$\|x\| = \sum_{i=1}^{r}|x_i| + 2\sum_{i=r+1}^{r+s}|z_i|$$

if $x = (x_1,\ldots,x_r,z_{r+1},\ldots,z_{r+s})$.

Lemma 4.22 For any real number $t > 0$, let

$$X(t) = \{x \in V \mid \|x\| \le t\}.$$

Then

$$\mu(X(t)) = 2^r(\pi/2)^st^n/n!.$$

PROOF. Since $X(t)$ is symmetric with respect to the $r$ real axes, we have

$$\mu(X(t)) = 2^r \cdot \mu(Y(t))$$

where $Y(t) = \{x \mid \|x\| \le t,\ x_1,\ldots,x_r \ge 0\}$. For the complex variables, we make the change
of variable

$$z_j = x_j + iy_j = \tfrac{1}{2}\rho_j(\cos\theta_j + i\sin\theta_j).$$

The Jacobian of this change of variables is $\rho_j/4$. After integrating over the $\theta_j$, for $0 \le \theta_j < 2\pi$,
we find that

$$\mu(X(t)) = 2^r \cdot 4^{-s} \cdot (2\pi)^s\int_Z \rho_{r+1}\cdots\rho_{r+s}\,dx_1\cdots dx_r\,d\rho_{r+1}\cdots d\rho_{r+s}$$

where

$$Z = \{(x,\rho) \in \mathbb{R}^{r+s} \mid x_i, \rho_i \ge 0,\ \textstyle\sum x_i + \sum\rho_i \le t\}.$$

The result now follows from the next lemma by taking: $m = r + s$; $a_i = 0$, $1 \le i \le r$; $a_i = 1$,
$r + 1 \le i \le m$; for then

$$\mu(X(t)) = 2^r \cdot 4^{-s} \cdot (2\pi)^s \cdot t^n/n!$$

as required.


Lemma 4.23 For real numbers $a_i \ge 0$, let

$$I(a_1,\ldots,a_m;t) = \int_{Z(t)} x_1^{a_1}\cdots x_m^{a_m}\,dx_1\cdots dx_m,$$

where $Z(t) = \{x \in \mathbb{R}^m \mid x_i \ge 0,\ \sum x_i \le t\}$. Then

$$I(a_1,\ldots,a_m;t) = t^{\sum a_i + m} \cdot \frac{\Gamma(a_1+1)\cdots\Gamma(a_m+1)}{\Gamma(a_1+\cdots+a_m+m+1)}.$$

PROOF. Recall that, by definition (e.g., Widder, D., Advanced Calculus, 1961, Chapter 11),

$$\Gamma(x) = \int_{0+}^{\infty} e^{-t}t^{x-1}\,dt.$$

It takes the value $\Gamma(n) = (n-1)!$ for $n$ a positive integer.

By making the change of variables $x_i' = tx_i$ in $I$, we see that

$$I(a_1,\ldots,a_m;t) = t^{\sum a_i + m}I(a_1,\ldots,a_m;1).$$

Therefore it suffices to prove the formula for $t = 1$. We prove this case by induction on $m$.
First, we have

$$I(a_1;1) = \int_0^1 x_1^{a_1}\,dx_1 = \frac{1}{a_1+1} = \frac{\Gamma(a_1+1)}{\Gamma(a_1+2)}.$$

Let

$$Z(x_m)' = \{x \in \mathbb{R}^{m-1} \mid x_i \ge 0,\ \textstyle\sum x_i \le 1 - x_m\}.$$

Then

$$I(a_1,\ldots,a_m;1) = \int_0^1 x_m^{a_m}\left(\int_{Z(x_m)'} x_1^{a_1}\cdots x_{m-1}^{a_{m-1}}\,dx_1\cdots dx_{m-1}\right)dx_m$$

$$= \int_0^1 x_m^{a_m}I(a_1,\ldots,a_{m-1};1-x_m)\,dx_m$$

$$= I(a_1,\ldots,a_{m-1};1)\int_0^1 x_m^{a_m}(1-x_m)^{\sum_{i=1}^{m-1}a_i + m - 1}\,dx_m$$

$$= I(a_1,\ldots,a_{m-1};1)\,\frac{\Gamma(a_m+1)\,\Gamma(a_1+\cdots+a_{m-1}+m)}{\Gamma(a_1+\cdots+a_m+m+1)},$$

and the induction hypothesis applied to $I(a_1,\ldots,a_{m-1};1)$ gives the formula.
In the last step, we used the standard formula

$$\int_0^1 x^{m-1}(1-x)^{n-1}\,dx = B(m,n) = \frac{\Gamma(m)\Gamma(n)}{\Gamma(m+n)}.$$

Example 4.24 (a) Case $r = 2$, $s = 0$. Then $X(t)$ is defined by $|x| + |y| \le t$. It is a square
of side $\sqrt{2}\,t$, and so $\mu(X(t)) = 2t^2$.

(b) Case $r = 0$, $s = 1$. Then $X(t)$ is the disk of radius $t/2$, which has area $\pi t^2/4$.
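The two cases of Example 4.24 can be checked against the closed formula of Lemma 4.22 with a few lines of code. This is just a numerical sanity check; the function name `volume_X` is chosen here for illustration, and the third check (the octahedron $|x|+|y|+|z| \le t$, of volume $4t^3/3$) is an extra case not discussed in the text.

```python
import math

def volume_X(r, s, t):
    """mu(X(t)) = 2^r (pi/2)^s t^n / n!, with n = r + 2s, as in Lemma 4.22."""
    n = r + 2 * s
    return 2 ** r * (math.pi / 2) ** s * t ** n / math.factorial(n)

t = 3.0
print(volume_X(2, 0, t), 2 * t ** 2)            # square |x| + |y| <= t
print(volume_X(0, 1, t), math.pi * t ** 2 / 4)  # disk of radius t/2
print(volume_X(3, 0, t), 4 * t ** 3 / 3)        # octahedron |x| + |y| + |z| <= t
```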

Lemma 4.25 Let $a_1,\ldots,a_n$ be positive real numbers. Then

$$\left(\prod a_i\right)^{1/n} \le \left(\sum a_i\right)/n;$$

equivalently,

$$\prod a_i \le \left(\sum a_i\right)^n/n^n.$$

(The geometric mean is less than or equal to the arithmetic mean.)

PROOF. See any good course on advanced calculus.

Finiteness of the class number

Let $K$ be a number field of degree $n$ over $\mathbb{Q}$. Suppose that $K$ has $r$ real embeddings
$\{\sigma_1,\ldots,\sigma_r\}$ and $2s$ complex embeddings $\{\sigma_{r+1},\bar\sigma_{r+1},\ldots,\sigma_{r+s},\bar\sigma_{r+s}\}$. Thus $n = r + 2s$.
We have an embedding

$$\sigma \colon K \hookrightarrow \mathbb{R}^r \times \mathbb{C}^s, \quad \alpha \mapsto (\sigma_1\alpha,\ldots,\sigma_{r+s}\alpha).$$

We identify $V = \mathbb{R}^r \times \mathbb{C}^s$ with $\mathbb{R}^n$ using the basis $\{1, i\}$ for $\mathbb{C}$.

Proposition 4.26 Let $\mathfrak{a}$ be a nonzero ideal in $\mathcal{O}_K$; then $\sigma(\mathfrak{a})$ is a full lattice in $V$, and the
volume of a fundamental parallelopiped of $\sigma(\mathfrak{a})$ is $2^{-s} \cdot \mathbb{N}\mathfrak{a} \cdot |\Delta_K|^{1/2}$.

PROOF. Let $\alpha_1,\ldots,\alpha_n$ be a basis for $\mathfrak{a}$ as a $\mathbb{Z}$-module. To prove that $\sigma(\mathfrak{a})$ is a lattice
we show that the vectors $\sigma(\alpha_1),\ldots,\sigma(\alpha_n)$ are linearly independent, and we prove this by
showing that the matrix $A$, whose $i$th row is

$$(\sigma_1(\alpha_i),\ldots,\sigma_r(\alpha_i),\Re(\sigma_{r+1}\alpha_i),\Im(\sigma_{r+1}\alpha_i),\ldots)$$

has nonzero determinant.

First consider the matrix $B$ whose $i$th row is

$$(\sigma_1(\alpha_i),\ldots,\sigma_r(\alpha_i),\sigma_{r+1}(\alpha_i),\bar\sigma_{r+1}(\alpha_i),\ldots,\bar\sigma_{r+s}(\alpha_i)).$$

We saw in (2.26) that $\det(B)^2 = D(\alpha_1,\ldots,\alpha_n) \ne 0$.

What is the relation between the determinants of $A$ and $B$? Add column $r + 2$ in $B$
to column $r + 1$, and then subtract $1/2$ column $r + 1$ from column $r + 2$. This gives us
$2\Re(\sigma_{r+1}(\alpha_i))$ in column $r + 1$ and $-i\Im(\sigma_{r+1}(\alpha_i))$ in column $r + 2$. Repeat for the other
pairs of columns. These column operations don't change the determinant of $B$, and so

$$\det(B) = (-2i)^s\det(A),$$

or

$$\det(A) = (-2i)^{-s}\det(B) = \pm(-2i)^{-s}D(\alpha_1,\ldots,\alpha_n)^{1/2} \ne 0.$$

Thus $\sigma(\mathfrak{a})$ is a lattice in $V$.

Since $\sigma(\mathfrak{a}) = \sum \mathbb{Z}\sigma(\alpha_i)$, the volume of a fundamental parallelopiped $D$ for $\sigma(\mathfrak{a})$ is
$|\det(A)|$, and from (2.25) we know that

$$|D(\alpha_1,\ldots,\alpha_n)| = (\mathcal{O}_K : \mathfrak{a})^2 \cdot |\mathrm{disc}(\mathcal{O}_K/\mathbb{Z})|.$$

Hence

$$\mu(D) = 2^{-s} \cdot |D(\alpha_1,\ldots,\alpha_n)|^{1/2} = 2^{-s} \cdot \mathbb{N}\mathfrak{a} \cdot |\Delta_K|^{1/2}.$$

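Proposition 4.27 Let $\mathfrak{a}$ be a nonzero ideal in $\mathcal{O}_K$. Then $\mathfrak{a}$ contains a nonzero element $\alpha$
of $K$ with

$$|\mathrm{Nm}(\alpha)| \le B_K \cdot \mathbb{N}\mathfrak{a} = \left(\frac{4}{\pi}\right)^s\frac{n!}{n^n}\,\mathbb{N}\mathfrak{a}\,|\Delta_K|^{1/2}.$$

PROOF. Let $X(t)$ be as in (4.22), and let $D$ be a fundamental domain for the lattice $\sigma(\mathfrak{a})$.
The set $X(t)$ is compact, convex, and symmetric in the origin, and so, when we choose $t$
so large that $\mu(X(t)) \ge 2^n \cdot \mu(D)$, Minkowski's Theorem shows that $X(t)$ contains a point
$\sigma(\alpha) \ne 0$ of $\sigma(\mathfrak{a})$. For this $\alpha \in \mathfrak{a}$,

$$|\mathrm{Nm}(\alpha)| = |\sigma_1(\alpha)|\cdots|\sigma_r(\alpha)||\sigma_{r+1}(\alpha)|^2\cdots|\sigma_{r+s}(\alpha)|^2$$

$$\le \left(\sum_{i=1}^{r}|\sigma_i\alpha| + \sum_{i=r+1}^{r+s}2|\sigma_i\alpha|\right)^n/n^n \quad \text{(by 4.25)}$$

$$\le t^n/n^n.$$

In order to have $\mu(X(t)) \ge 2^n \cdot \mu(D)$, we need (see 4.22, 4.26)

$$2^r(\pi/2)^st^n/n! \ge 2^n \cdot 2^{-s} \cdot \mathbb{N}\mathfrak{a} \cdot |\Delta_K|^{1/2},$$

i.e.,

$$t^n \ge n! \cdot \frac{2^{n-r}}{\pi^s} \cdot \mathbb{N}\mathfrak{a} \cdot |\Delta_K|^{1/2}.$$

When we take $t^n$ to equal the expression on the right, we find that

$$|\mathrm{Nm}(\alpha)| \le \frac{n!}{n^n} \cdot \frac{2^{n-r}}{\pi^s} \cdot \mathbb{N}\mathfrak{a} \cdot |\Delta_K|^{1/2}.$$

As $n - r = 2s$, this is the required formula. □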

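PROOF (of Theorem 4.3) Let $\mathfrak{c}$ be a fractional ideal in $K$; we have to show that the
class of $\mathfrak{c}$ in the ideal class group is represented by an integral ideal $\mathfrak{a}$ with

$$\mathbb{N}\mathfrak{a} \le B_K \overset{\text{def}}{=} \frac{n!}{n^n}\left(\frac{4}{\pi}\right)^s|\Delta_K|^{1/2}.$$

For some $d \in K^\times$, $d\mathfrak{c}^{-1}$ is an integral ideal, say $(d) \cdot \mathfrak{c}^{-1} = \mathfrak{b}$. According to the result just
proved, there is a $\beta \in \mathfrak{b}$, $\beta \ne 0$, with

$$|\mathrm{Nm}(\beta)| \le B_K \cdot \mathbb{N}\mathfrak{b}.$$

Now $\beta\mathcal{O}_K \subset \mathfrak{b} \Rightarrow \beta\mathcal{O}_K = \mathfrak{a}\mathfrak{b}$ with $\mathfrak{a}$ integral, and $\mathfrak{a} \sim \mathfrak{b}^{-1} \sim \mathfrak{c}$. Moreover,

$$\mathbb{N}\mathfrak{a} \cdot \mathbb{N}\mathfrak{b} = |\mathrm{Nm}_{K/\mathbb{Q}}\beta| \le B_K \cdot \mathbb{N}\mathfrak{b}.$$

On cancelling $\mathbb{N}\mathfrak{b}$, we find that $\mathbb{N}\mathfrak{a} \le B_K$. □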

Remark 4.28 Proposition 4.27 can be useful in deciding whether an integral ideal is 
principal. 
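To get a feeling for the size of the bound $B_K$ in Proposition 4.27, it can simply be evaluated. The sketch below computes $B_K = \frac{n!}{n^n}\left(\frac{4}{\pi}\right)^s|\Delta_K|^{1/2}$ from $n$, $s$, and the discriminant; the function name is hypothetical, and the discriminants used ($-4$ for $\mathbb{Q}[i]$, $-20$ for $\mathbb{Q}[\sqrt{-5}]$, and $-4027$ for the cubic field of Example 5.4) are supplied by hand rather than computed.

```python
import math

def minkowski_bound(n, s, disc):
    """B_K = (n!/n^n) (4/pi)^s |disc|^(1/2) for a field of degree n with 2s nonreal embeddings."""
    return math.factorial(n) / n ** n * (4 / math.pi) ** s * math.sqrt(abs(disc))

print(minkowski_bound(2, 1, -4))     # Q[i]
print(minkowski_bound(2, 1, -20))    # Q[sqrt(-5)]
print(minkowski_bound(3, 1, -4027))  # Q[alpha], alpha^3 + 10*alpha + 1 = 0
```

For $\mathbb{Q}[i]$ the bound is less than 2, so every ideal class contains an integral ideal of norm 1 and the class number is 1; for $\mathbb{Q}[\sqrt{-5}]$ the bound is less than 3, so only ideals of norm at most 2 need to be examined.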


Binary quadratic forms 

Gauss studied binary quadratic forms, and even defined a product for them. This work
was greatly clarified when Kummer and Dedekind defined ideals, and it was realized that
Gauss's results were related to the ideal class groups of quadratic number fields. Here I
briefly explain the connection.

By a binary quadratic form we mean an expression of the form

$$Q(X,Y) = aX^2 + bXY + cY^2.$$

We call the form integral if $Q(m,n)$ is an integer whenever $m$ and $n$ are integers, or,
equivalently, if $a, b, c \in \mathbb{Z}$. The discriminant of $Q$ is

$$d_Q = b^2 - 4ac.$$

A form is said to be nondegenerate if its discriminant is nonzero. Two integral binary
quadratic forms $Q$ and $Q'$ are said to be equivalent if there exists a matrix
$A = \begin{pmatrix}\alpha & \beta\\ \gamma & \delta\end{pmatrix} \in \mathrm{SL}_2(\mathbb{Z})$ such that

$$Q'(X,Y) = Q(\alpha X + \beta Y, \gamma X + \delta Y).$$

Clearly, equivalent forms have the same discriminant, but there exist inequivalent forms with
the same discriminant. The question considered by Gauss was to try to describe the set of
equivalence classes of forms with a fixed discriminant.
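The invariance of the discriminant under a change of variables in $\mathrm{SL}_2(\mathbb{Z})$ can be checked directly by expanding $Q(\alpha X + \beta Y, \gamma X + \delta Y)$. The following sketch does this for forms stored as coefficient triples `(a, b, c)`; the representation and the function names are choices made for this illustration.

```python
def discriminant(form):
    """Discriminant b^2 - 4ac of the form aX^2 + bXY + cY^2."""
    a, b, c = form
    return b * b - 4 * a * c

def act(form, matrix):
    """Coefficients of Q'(X, Y) = Q(alpha*X + beta*Y, gamma*X + delta*Y)."""
    a, b, c = form
    (alpha, beta), (gamma, delta) = matrix
    a2 = a * alpha ** 2 + b * alpha * gamma + c * gamma ** 2
    b2 = 2 * a * alpha * beta + b * (alpha * delta + beta * gamma) + 2 * c * gamma * delta
    c2 = a * beta ** 2 + b * beta * delta + c * delta ** 2
    return (a2, b2, c2)

q = (1, 0, 5)            # X^2 + 5Y^2, discriminant -20
m = ((2, 1), (1, 1))     # determinant 1
q_prime = act(q, m)
print(q_prime, discriminant(q), discriminant(q_prime))
print(discriminant((2, 2, 3)))  # 2X^2 + 2XY + 3Y^2 also has discriminant -20
```

The form $2X^2 + 2XY + 3Y^2$ has the same discriminant as $X^2 + 5Y^2$ but is not equivalent to it, since it does not represent 1.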

Let $d \ne 1$ be a square-free integer, let $K = \mathbb{Q}[\sqrt{d}]$, and let $d_K = \mathrm{disc}(\mathcal{O}_K/\mathbb{Z})$. Define
the norm form $q_K$ by

$$q_K(X,Y) = \mathrm{Nm}_{K/\mathbb{Q}}(X + Y\sqrt{d}) = X^2 - dY^2, \quad \text{if } d \equiv 2, 3 \mod 4$$

or

$$q_K(X,Y) = \mathrm{Nm}_{K/\mathbb{Q}}\left(X + Y\tfrac{1+\sqrt{d}}{2}\right) = X^2 + XY + \tfrac{1-d}{4}Y^2, \quad \text{if } d \equiv 1 \mod 4.$$

In both cases $q_K$ has discriminant $d_K$ ($= 4d$ or $d$).

In general, if $Q$ is an integral binary quadratic form, then $d_Q = d_Kf^2$, some integer $f$,
where $K = \mathbb{Q}[\sqrt{d_Q}]$. Moreover, if $d_Q = d_K$, then $Q$ is primitive, i.e., $\gcd(a,b,c) = 1$.

Fix a field $K = \mathbb{Q}[\sqrt{d}]$ and an embedding $K \hookrightarrow \mathbb{C}$. We choose $\sqrt{d}$ to be positive if
$d > 0$, and to have positive imaginary part if $d$ is negative. Set $\sqrt{d_K} = 2\sqrt{d}$ or $\sqrt{d}$. Write
$\mathrm{Gal}(K/\mathbb{Q}) = \{1, \sigma\}$. If $d < 0$, define $\mathrm{Cl}^+(K) = \mathrm{Cl}(K)$ (usual class group of $K$) and if
$d > 0$, define

$$\mathrm{Cl}^+(K) = \mathrm{Id}(K)/P^+(K)$$

where $P^+(K)$ is the group of principal ideals of the form $(\alpha)$ with $\alpha > 0$ under every
embedding of $K$ into $\mathbb{R}$.

Let $\mathfrak{a}$ be a fractional ideal in $K$, and let $a_1, a_2$ be a basis for $\mathfrak{a}$ as a $\mathbb{Z}$-module. From
(2.25) we know that

$$\begin{vmatrix} a_1 & a_2\\ \sigma a_1 & \sigma a_2\end{vmatrix}^2 = d_K\,\mathbb{N}\mathfrak{a}^2.$$

After possibly reordering the pair $a_1, a_2$ we will have

$$\begin{vmatrix} a_1 & a_2\\ \sigma a_1 & \sigma a_2\end{vmatrix} = \sqrt{d_K}\,\mathbb{N}\mathfrak{a}.$$

For such a pair, define

$$Q_{a_1,a_2}(X,Y) = \mathbb{N}\mathfrak{a}^{-1} \cdot \mathrm{Nm}_{K/\mathbb{Q}}(a_1X + a_2Y).$$

This is an integral binary quadratic form with discriminant $d_K$.

Theorem 4.29 The equivalence class of $Q_{a_1,a_2}(X,Y)$ depends only on the image of $\mathfrak{a}$ in
$\mathrm{Cl}^+(K)$; moreover, the map sending $\mathfrak{a}$ to the equivalence class of $Q_{a_1,a_2}$ defines a bijection
from $\mathrm{Cl}^+(K)$ to the set of equivalence classes of integral binary quadratic forms with
discriminant $d_K$.

PROOF. See Fröhlich and Taylor 1991, VII.2 (and elsewhere). □

In particular, the set of equivalence classes is finite, and has the structure of an abelian 
group. This was known to Gauss, even though groups had not yet been defined. (Gauss even 
knew it was a direct sum of cyclic groups.) 
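For negative discriminants the finiteness can be made completely explicit. The sketch below relies on a classical fact that is not proved in these notes and is assumed here: every equivalence class of positive-definite primitive forms of discriminant $D < 0$ contains exactly one reduced form, i.e., a form $(a,b,c)$ with $-a < b \le a \le c$ and $b \ge 0$ when $a = c$. Since a reduced form satisfies $3a^2 \le -D$, the reduced forms can be listed by a finite search. The function name is hypothetical.

```python
from math import gcd

def reduced_forms(D):
    """Reduced primitive positive-definite forms (a, b, c) with b^2 - 4ac = D < 0."""
    if D >= 0 or D % 4 not in (0, 1):
        raise ValueError("D must be a negative integer congruent to 0 or 1 mod 4")
    forms = []
    a = 1
    while 3 * a * a <= -D:              # a reduced form has 3a^2 <= |D|
        for b in range(-a + 1, a + 1):  # -a < b <= a
            num = b * b - D             # must equal 4ac
            if num % (4 * a) != 0:
                continue
            c = num // (4 * a)
            if c < a or (a == c and b < 0):
                continue
            if gcd(gcd(a, b), c) == 1:
                forms.append((a, b, c))
        a += 1
    return forms

for D in (-4, -20, -23, -47, -163):
    print(D, len(reduced_forms(D)), reduced_forms(D))
```

Under the assumption above and Theorem 4.29, the number of forms found for $D = d_K$ is the class number of the corresponding imaginary quadratic field; the counts for $-20$, $-23$, and $-47$ are 2, 3, and 5, in agreement with the NOTES at the end of the chapter and with Exercise 4-4.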

Aside 4.30 Write $h_d$ for the class number of $\mathbb{Q}[\sqrt{d}]$, $d$ a square-free integer $\ne 1$. In modern
terminology, Gauss conjectured that, for a fixed $h$, there are only finitely many negative $d$ such that
$h_d = h$. (Actually, because of a difference of terminology, this is not quite what Gauss conjectured.)
In 1935, Siegel showed that, for every $\varepsilon > 0$, there exists a constant $c > 0$ such that

$$h_d > c|d|^{\frac{1}{2}-\varepsilon}, \quad d < 0.$$

This proves Gauss's conjecture. Unfortunately, the $c$ in Siegel's theorem is not effectively computable,
and so Siegel's theorem gives no way of computing the $d$'s for a given $h$.

In 1951, Tatuzawa showed that Siegel's theorem is true with an effectively computable $c$ except
for at most one exceptional $d$.

It is easy to show that $h_d = 1$ for $-d = 1, 2, 3, 7, 11, 19, 43, 67, 163$ (exercise!). Thus in 1951
it was known that there exist these 9 quadratic imaginary number fields with class number 1, and
possibly 1 more.

In 1952 Heegner proved that there was no 10th such field, but his proof was not recognized to be
correct until 1969 (by Deuring and Stark). In the interim, Baker (1966), Stark (1966), and Siegel
(1968) had found proofs.

More recently (1983), Goldfeld, Gross, and Zagier showed, using completely different methods
from Siegel, that there is an effective procedure for finding all $d < 0$ with $h_d$ equal to a given $h$. For
an expository article on this, see Goldfeld, Bull. Amer. Math. Soc. 13 (1985), 23-37.

By way of contrast, it is conjectured that there are infinitely many real quadratic fields with class
number 1, but this has not been proved.

NOTES Fermat stated, and probably proved, the three statements in Exercise 3-3. However, for 5 he
could only state the following conjecture:

If two primes are of the form $20k + 3$ or $20k + 7$, then their product is of the form
$x^2 + 5y^2$.

The fact that this statement is more complicated than it is for 1, 2, or 3 was the first indication that the
arithmetic of the ring of integers in $\mathbb{Q}[\sqrt{-5}]$ is more complicated than it is in the fields with smaller
discriminant. Lagrange found an explanation for Fermat's statements by showing that all binary
quadratic forms of discriminant $-4$ are equivalent, and similarly for discriminants $-8$ and $-12$, but
that the forms of discriminant $-20$ fall into two equivalence classes. Dedekind was able to interpret
this as showing that $\mathbb{Q}[\sqrt{-5}]$ has class number 2.


Exercises 

4-1 Give an example of an integral domain $B$, a nonzero prime ideal $\mathfrak{p}$ in $B$, and a subring
$A$ of $B$ such that $\mathfrak{p} \cap A = 0$. (Note that this can't happen if $B$ is integral over $A$; see the
paragraph preceding 3.30.)

4-2 Let $F \subset K \subset L$ be a sequence of number fields, and let $A \subset B \subset C$ be their rings of
integers. If $\mathfrak{Q} \mid \mathfrak{P}$ and $\mathfrak{P} \mid \mathfrak{p}$ (prime ideals in $C$, $B$, and $A$ respectively), show that

$$e(\mathfrak{Q}/\mathfrak{P}) \cdot e(\mathfrak{P}/\mathfrak{p}) = e(\mathfrak{Q}/\mathfrak{p}), \quad f(\mathfrak{Q}/\mathfrak{P}) \cdot f(\mathfrak{P}/\mathfrak{p}) = f(\mathfrak{Q}/\mathfrak{p}).$$

4-3 Let $K = \mathbb{Q}[\alpha]$ where $\alpha$ is a root of $X^3 + X + 1$ (see 2.37). According to (3.34), what
are the possible ways that $(p)$ can factor in $\mathcal{O}_K$ as a product of prime ideals? Which of these
possibilities actually occur? (Illustrate by examples.)

4-4 Show that $\mathbb{Q}[\sqrt{-23}]$ has class number 3, and that $\mathbb{Q}[\sqrt{-47}]$ has class number 5.

4-5 Let $K$ be an algebraic number field. Prove that there is a finite extension $L$ of $K$
such that every ideal in $\mathcal{O}_K$ becomes principal in $\mathcal{O}_L$. [Hint: Use the finiteness of the class
number.]

4-6 Let $K = \mathbb{Q}[\alpha]$ where $\alpha$ is a root of $X^3 - X + 2$. Show that $\mathcal{O}_K = \mathbb{Z}[\alpha]$ and that $K$
has class number 1. [One approach is to consider the square factors of the discriminant of
$X^3 - X + 2$, and show that $\frac{1}{2}(a + b\alpha + c\alpha^2)$ is an algebraic integer if and only if $a$, $b$, and
$c$ are all even, but you may be able to find a better one.]

4-7 Let $K = \mathbb{Q}[\sqrt{-1},\sqrt{5}]$. Show that $\mathcal{O}_K = \mathbb{Z}[\sqrt{-1},\frac{1+\sqrt{5}}{2}]$. Show that the only primes
(in $\mathbb{Z}$) that ramify in $K$ are 2 and 5, and that their ramification indexes are both 2. Deduce
that $K$ is unramified over $\mathbb{Q}[\sqrt{-5}]$. Prove that $\mathbb{Q}[\sqrt{-5}]$ has class number 2, and deduce that
$K$ is the Hilbert class field of $\mathbb{Q}[\sqrt{-5}]$. (Cf. 4.11.)






Chapter 5


The Unit Theorem


In this section we prove the second main theorem of the course.


Statement of the theorem

Recall that a finitely generated abelian group $A$ is isomorphic to $A_{\mathrm{tors}} \oplus \mathbb{Z}^t$ for some $t$ where
$A_{\mathrm{tors}}$ is the (finite) subgroup of torsion elements of $A$ (i.e., of elements of finite order). The
number $t$ is uniquely determined by $A$, and is called the rank of $A$. See GT 1.57.

As before, we write $r$ for the number of real embeddings of a number field $K$ and $2s$ for
the number of nonreal complex embeddings. Thus

$$K \otimes_{\mathbb{Q}} \mathbb{R} \approx \mathbb{R}^r \times \mathbb{C}^s$$

and $r + 2s = [K : \mathbb{Q}]$. Moreover, if $K = \mathbb{Q}[\alpha]$, then $r$ is the number of real conjugates of $\alpha$
and $2s$ is the number of nonreal complex conjugates.

Theorem 5.1 The group of units in a number field $K$ is finitely generated with rank equal
to $r + s - 1$.

For example, for a real quadratic field, the rank is $2 + 0 - 1 = 1$, and for an imaginary
quadratic field it is $0 + 1 - 1 = 0$.

The theorem is usually referred to as the “Dirichlet Unit Theorem” although Dirichlet
proved it for rings of the form $\mathbb{Z}[\alpha]$ rather than $\mathcal{O}_K$.

Write $U_K$ ($= \mathcal{O}_K^\times$) for the group of units in $K$. The torsion subgroup of $U_K$ is the group
$\mu(K)$ of roots of 1 in $K$.

A set of units $u_1,\ldots,u_{r+s-1}$ is called a fundamental system of units if it forms a basis
for $U_K$ modulo torsion, i.e., if every unit $u$ can be written uniquely in the form

$$u = \zeta u_1^{m_1}\cdots u_{r+s-1}^{m_{r+s-1}}, \quad \zeta \in \mu(K), \quad m_i \in \mathbb{Z}.$$

The theorem implies that $\mu(K)$ is finite (and hence cyclic). As we now explain, this
can be proved directly. In Chapter 7, we shall see that, if $\zeta_m$ is a primitive $m$th root
of 1, then $\mathbb{Q}[\zeta_m]$ is a Galois extension of $\mathbb{Q}$ with Galois group isomorphic to $(\mathbb{Z}/m\mathbb{Z})^\times$. If
$m = \prod p_i^{r_i}$ is the factorization of $m$ into powers of distinct primes, then $\mathbb{Z}/m\mathbb{Z} \simeq \prod \mathbb{Z}/p_i^{r_i}\mathbb{Z}$
by the Chinese remainder theorem, and so $(\mathbb{Z}/m\mathbb{Z})^\times \simeq \prod (\mathbb{Z}/p_i^{r_i}\mathbb{Z})^\times$. As the nonunits of
$\mathbb{Z}/p_i^{r_i}\mathbb{Z}$ are exactly the elements divisible by $p_i$, and there are $p_i^{r_i-1}$ of these, we see that
$|(\mathbb{Z}/p_i^{r_i}\mathbb{Z})^\times| = p_i^{r_i-1}(p_i - 1)$, and so

$$|(\mathbb{Z}/m\mathbb{Z})^\times| = \prod p_i^{r_i-1}(p_i - 1) = \varphi(m).$$

Since

$$\zeta_m \in K \Rightarrow \mathbb{Q}[\zeta_m] \subset K \Rightarrow \varphi(m) \mid [K : \mathbb{Q}],$$

the field $K$ can contain only finitely many $\zeta_m$.
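The divisibility condition $\varphi(m) \mid [K : \mathbb{Q}]$ is easy to explore numerically. The sketch below lists, for a given degree $n$, all $m$ with $\varphi(m) \mid n$; these are the only orders a primitive root of 1 in a field of degree $n$ could possibly have (the condition is necessary, not sufficient). To make the search finite it assumes the standard bound $\varphi(m) \ge \sqrt{m/2}$, which is not stated in the text; the function names are hypothetical.

```python
def euler_phi(m):
    """Euler's phi function, computed by trial division."""
    result, k, p = m, m, 2
    while p * p <= k:
        if k % p == 0:
            while k % p == 0:
                k //= p
            result -= result // p   # multiply result by (1 - 1/p)
        p += 1
    if k > 1:                       # one prime factor larger than sqrt(m) remains
        result -= result // k
    return result

def possible_root_orders(n):
    """All m with phi(m) dividing n (assumes phi(m) >= sqrt(m/2), so m <= 2*n^2)."""
    return [m for m in range(1, 2 * n * n + 1) if n % euler_phi(m) == 0]

print(possible_root_orders(2))  # candidates for quadratic fields
print(possible_root_orders(4))  # candidates for quartic fields
```

For $n = 2$ the list consists of the divisors of 4 and 6, which matches the discussion of quadratic fields in Example 5.3.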

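Lemma 5.2 An element $\alpha \in K$ is a unit if and only if $\alpha \in \mathcal{O}_K$ and $\mathrm{Nm}_{K/\mathbb{Q}}\alpha = \pm 1$.

PROOF. If $\alpha$ is a unit, then $\alpha\beta = 1$ for some $\beta \in \mathcal{O}_K$. Now $\mathrm{Nm}(\alpha)$ and $\mathrm{Nm}(\beta)$ both lie in
$\mathbb{Z}$ and $1 = \mathrm{Nm}(\alpha\beta) = \mathrm{Nm}(\alpha) \cdot \mathrm{Nm}(\beta)$. Hence $\mathrm{Nm}\,\alpha \in \mathbb{Z}^\times = \{\pm 1\}$.

For the converse, fix an embedding $\sigma_0$ of $K$ into $\mathbb{C}$, and use it to identify $K$ with a
subfield of $\mathbb{C}$. Recall (2.20) that

$$\mathrm{Nm}(\alpha) = \prod_{\sigma \colon K \hookrightarrow \mathbb{C}} \sigma\alpha = \alpha \cdot \prod_{\sigma \ne \sigma_0} \sigma\alpha.$$

Let $\beta = \prod_{\sigma \ne \sigma_0}\sigma\alpha$. If $\alpha \in \mathcal{O}_K$, then each $\sigma\alpha$ is an algebraic integer (cf. the proof of 2.11),
and so $\beta$ is an algebraic integer. If $\mathrm{Nm}(\alpha) = \pm 1$, then $\alpha\beta = \pm 1$ and so $\beta \in K$. Therefore,
if $\alpha \in \mathcal{O}_K$ and has norm $\pm 1$, then it has an inverse $\pm\beta$ in $\mathcal{O}_K$, and so it is a unit. □

For all real fields, i.e., fields with an embedding into $\mathbb{R}$, $\mu(K) = \{\pm 1\}$; for “most”
nonreal fields, this is also true.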

Example 5.3 Let $K$ be a quadratic field $\mathbb{Q}[\sqrt{d}]$. Then $\mathcal{O}_K = \{m + n\sqrt{d} \mid m, n \in \mathbb{Z}\}$ or
$\{m + n(1 + \sqrt{d})/2 \mid m, n \in \mathbb{Z}\}$. In the two cases, the units in $\mathcal{O}_K$ are the solutions to the
equations

$$m^2 - n^2d = \pm 1, \text{ or}$$
$$(2m + n)^2 - dn^2 = \pm 4.$$

When $d < 0$, these equations (obviously) have only finitely many solutions, and so $U_K =
\mu(K)$. Note that $\zeta_m$ lies in a quadratic field if and only if $\varphi(m) \le 2$. This happens only for
$m$ dividing 4 or 6. Thus $\mu(K) = \{\pm 1\}$ except for the following fields:

$\mathbb{Q}[i]$, $\mu(K) = \{\pm 1, \pm i\}$;

$\mathbb{Q}[\sqrt{-3}]$, $\mu(K) = \{\pm 1, \pm\rho, \pm\rho^2\}$, with $\rho = (1 + \sqrt{-3})/2$.

When $d > 0$, the theorem shows that there are infinitely many solutions, and that $U_K = \pm u^{\mathbb{Z}}$
for some element $u$ (called the fundamental unit). As Cohn (1978¹) puts it, “the actual
computation of quadratic units lies in the realm of popularized elementary number theory,
including devices such as continued fractions.” The method is surprisingly effective, and
yields some remarkably large numbers; see later.
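For small $d$ the fundamental unit can be found without continued fractions, by a naive search. The sketch below handles only the case $d \equiv 2, 3 \bmod 4$, where the units are the solutions of $m^2 - n^2d = \pm 1$: it looks for the smallest $n \ge 1$ for which $dn^2 \pm 1$ is a perfect square. The corresponding $m + n\sqrt{d}$ is the smallest unit greater than 1, because the coefficient of $\sqrt{d}$ in the powers of that unit is strictly increasing. This is an illustration, not the continued-fraction method mentioned in the text, and the function name is hypothetical.

```python
from math import isqrt

def fundamental_unit(d):
    """Return (m, n, norm) with m + n*sqrt(d) the smallest unit > 1 of Z[sqrt(d)].

    Assumes d > 1 is square-free with d % 4 in (2, 3), so that the ring of
    integers of Q[sqrt(d)] is Z[sqrt(d)].
    """
    if d <= 1 or d % 4 not in (2, 3):
        raise ValueError("this sketch only handles d > 1 with d = 2, 3 mod 4")
    n = 1
    while True:
        for norm in (-1, 1):
            m_squared = d * n * n + norm   # want m^2 - d*n^2 = norm
            m = isqrt(m_squared)
            if m * m == m_squared:
                return m, n, norm
        n += 1

for d in (2, 3, 7, 10, 46):
    print(d, fundamental_unit(d))
```

Even this crude search shows how irregular the answer is: for $d = 7$ the unit is $8 + 3\sqrt{7}$, while for $d = 46$ it is $24335 + 3588\sqrt{46}$.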

Example 5.4 Let $K = \mathbb{Q}[\alpha]$, where $\alpha$ is a root of $X^3 + 10X + 1$. We know that the
discriminant $\Delta_K = -4027$. Since $\mathrm{sign}(\Delta_K) = (-1)^s$ and $r + 2s = 3$, we must have
$r = 1 = s$. From its minimum equation, we see that $\mathrm{Nm}(\alpha) = -1$, and so $\alpha$ is a unit. Clearly
$\alpha$ is of infinite order, and later we shall show that it is a fundamental unit, and so
$U_K = \{\pm\alpha^m \mid m \in \mathbb{Z}\}$.

1 Cohn, Harvey. A classical invitation to algebraic numbers and class fields. With two appendices by Olga
Taussky: “Artin's 1932 Göttingen lectures on class field theory” and “Connections between algebraic number
theory and integral matrices”. Universitext. Springer-Verlag, New York-Heidelberg, 1978. xiii+328 pp.


Proof that $U_K$ is finitely generated

We first need an elementary result.

Proposition 5.5 For any integers $m$ and $M$, the set of all algebraic integers $\alpha$ such that

◦ the degree of $\alpha$ is $\le m$, and
◦ $|\alpha'| < M$ for all conjugates $\alpha'$ of $\alpha$

is finite.

PROOF. The first condition says that $\alpha$ is a root of a monic irreducible polynomial of degree
$\le m$, and the second condition implies that the coefficients of the polynomial are bounded in
terms of $M$. Since the coefficients are integers, there are only finitely many such polynomials,
and hence only finitely many $\alpha$'s. □

Corollary 5.6 An algebraic integer $\alpha$, each of whose conjugates in $\mathbb{C}$ has absolute value
1, is a root of 1.

PROOF. According to the proposition, the set $\{1, \alpha, \alpha^2, \ldots\}$ is finite. □

Remark 5.7 It is essential in (5.6) to require $\alpha$ to be an algebraic integer. For example,
$\alpha = (3 + 4i)/5$ and its conjugate both have absolute value 1, as do their powers, but the set
$\{1, \alpha, \alpha^2, \ldots\}$ is not finite.
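The claim in Remark 5.7 that the powers of $(3+4i)/5$ are pairwise distinct can be made concrete. Writing $\alpha^k = (a_k + b_ki)/5^k$ with integers $a_k, b_k$, the sketch below computes the numerators exactly and checks that $a_k$ is never divisible by 5, so that $\alpha^k$ in lowest terms has denominator exactly $5^k$. The function name is hypothetical, and the range of exponents tested is an arbitrary choice.

```python
def numerator_powers(count):
    """Return [(a_k, b_k)] with ((3 + 4i)/5)**k = (a_k + b_k*i) / 5**k for k = 1..count."""
    a, b = 1, 0
    out = []
    for _ in range(count):
        # (a + b*i) * (3 + 4i) = (3a - 4b) + (4a + 3b)*i
        a, b = 3 * a - 4 * b, 4 * a + 3 * b
        out.append((a, b))
    return out

for k, (a, b) in enumerate(numerator_powers(6), start=1):
    # a^2 + b^2 = 25^k confirms |alpha^k| = 1; a % 5 != 0 confirms the denominator is 5^k.
    print(k, (a, b), a * a + b * b == 25 ** k, a % 5, b % 5)
```

The residues of $(a_k, b_k)$ modulo 5 are the same for every $k$, because multiplication by $3 + 4i$ fixes the pair $(3, 4)$ modulo 5; this is why no cancellation with the denominator ever occurs.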

Recall that we previously considered the map

$$\sigma \colon K \to \mathbb{R}^r \times \mathbb{C}^s, \quad \alpha \mapsto (\sigma_1\alpha,\ldots,\sigma_r\alpha,\sigma_{r+1}\alpha,\ldots,\sigma_{r+s}\alpha)$$

where $\{\sigma_1,\ldots,\sigma_r,\sigma_{r+1},\bar\sigma_{r+1},\ldots,\sigma_{r+s},\bar\sigma_{r+s}\}$ is the complete set of embeddings of $K$ into
$\mathbb{C}$. It takes sums to sums. Now we want a map that takes products to sums, and so we take
logarithms. Thus we consider the map:

$$L \colon K^\times \to \mathbb{R}^{r+s}, \quad \alpha \mapsto (\log|\sigma_1\alpha|,\ldots,\log|\sigma_r\alpha|,\log|\sigma_{r+1}\alpha|,\ldots,\log|\sigma_{r+s}\alpha|).$$

It is a homomorphism. If $u$ is a unit in $\mathcal{O}_K$, then $\mathrm{Nm}_{K/\mathbb{Q}}u = \pm 1$, and so

$$|\sigma_1u|\cdots|\sigma_ru||\sigma_{r+1}u|^2\cdots|\sigma_{r+s}u|^2 = 1.$$

On taking logs, we see that $L(u)$ is contained in the hyperplane

$$H \colon x_1 + \cdots + x_r + 2x_{r+1} + \cdots + 2x_{r+s} = 0.$$

Dropping the last coordinate defines an isomorphism $H \approx \mathbb{R}^{r+s-1}$.

Proposition 5.8 The image of $L \colon U \to H$ is a lattice in $H$, and the kernel of $L$ is a finite
group (hence is $\mu(K)$).

PROOF. Let $C$ be a bounded subset of $H$ containing 0, say

$$C \subset \{x \in H \mid |x_i| \le M\}.$$

If $L(u) \in C$, then $|\sigma_ju| \le e^M$ for all $j$, and Proposition 5.5 implies that there are only
finitely many such $u$'s. Thus $L(U) \cap C$ is finite, and this implies that $L(U)$ is a lattice in $H$
(by 4.15). If $\alpha$ is in the kernel of $L$, then $|\sigma_i\alpha| = 1$ for all $i$, and so the kernel is finite by
Proposition 5.5. □

Since the kernel of $L$ is finite, we have

$$\mathrm{rank}(U) = \mathrm{rank}(L(U)) \le \dim H = r + s - 1.$$

Computation of the rank

We now prove the unit theorem.

Theorem 5.9 The image $L(U)$ of $U$ in $H$ is a full lattice; thus $U$ has rank $r + s - 1$.

PROOF. To prove the theorem, we have to find a way to construct units. We work again with 
the embedding 

o:K <^R r xC s ^M r+2j . 

For x = (xi,...,x r ,x r +i,...) eR r x C s , define 


Nm(x) = Xl---X r -X r+ l-X r+1 ---Xr+s-X r +s- 

Then Nm(a(a)) = Nm(a). Note that |Nm(x)| = |xi| • \x r ||x,-+i| 2 • • • |x r +^| 2 . 

Recall from (4.26) that $\sigma(\mathcal{O}_K)$ is a full lattice in $\mathbb{R}^r \times \mathbb{C}^s$, and the volume of its
fundamental parallelopiped is $2^{-s} \cdot |\Delta|^{1/2}$; in more detail, if $\alpha_1, \ldots, \alpha_n$ is a $\mathbb{Z}$-basis for $\mathcal{O}_K$,
then we showed that the absolute value of the determinant of the matrix whose $i$th row is

$$\sigma(\alpha_i) = (\sigma_1(\alpha_i), \ldots, \Re(\sigma_{r+1}(\alpha_i)), \Im(\sigma_{r+1}(\alpha_i)), \ldots)$$

is $2^{-s} \cdot |\Delta|^{1/2}$. In fact, we showed that we could get this matrix from the matrix whose $i$th
row is

$$(\sigma_1(\alpha_i), \ldots, \sigma_{r+1}(\alpha_i), \overline{\sigma_{r+1}(\alpha_i)}, \ldots)$$

by some elementary column operations that multiplied the absolute value of the determinant
by $2^{-s}$, and we know that the determinant of the second matrix is $\pm|\Delta|^{1/2}$.

In the rest of the proof, $x$ will be a point of $\mathbb{R}^r \times \mathbb{C}^s$ with²

$$1/2 \le |\mathrm{Nm}(x)| \le 1.$$

Define

$$x \cdot \sigma(\mathcal{O}_K) = \{x \cdot \sigma(\alpha) \mid \alpha \in \mathcal{O}_K\}.$$

Since $\mathbb{R}^r \times \mathbb{C}^s$ is a ring, this product makes sense. This is again a lattice in $\mathbb{R}^r \times \mathbb{C}^s$, and the
volume of its fundamental parallelopiped is the determinant of the matrix whose $i$th row is

$$(x_1 \sigma_1(\alpha_i), \ldots, \Re(x_{r+1}\sigma_{r+1}(\alpha_i)), \Im(x_{r+1}\sigma_{r+1}(\alpha_i)), \ldots).$$

As before, the absolute value of the determinant of this matrix is $2^{-s}$ times the absolute
value of the determinant of the matrix whose $i$th row is

$$(x_1 \sigma_1(\alpha_i), \ldots, x_{r+1} \cdot \sigma_{r+1}(\alpha_i), \bar{x}_{r+1} \cdot \overline{\sigma_{r+1}(\alpha_i)}, \ldots),$$

which is

$$|\Delta|^{1/2} \cdot |\mathrm{Nm}(x)|.$$

Therefore $x \cdot \sigma(\mathcal{O}_K)$ is a lattice with $2^{-s} |\Delta|^{1/2} |\mathrm{Nm}(x)|$ as the volume of its fundamental
domain. Note that as $x$ ranges over our set these volumes remain bounded.

Let $T$ be a compact convex subset of $\mathbb{R}^r \times \mathbb{C}^s$, which is symmetric in the origin, and
whose volume is so large that, for every $x$ in the above set, Minkowski's theorem (4.19)
implies there is a point $\gamma$ of $\mathcal{O}_K$, $\gamma \ne 0$, such that $x \cdot \sigma(\gamma) \in T$. The points of $T$ have bounded
coordinates, and hence bounded norms, and so

$$x \cdot \sigma(\gamma) \in T \implies |\mathrm{Nm}(x \cdot \sigma(\gamma))| \le M,$$

for some $M$ (depending on $T$); thus

$$|\mathrm{Nm}(\gamma)| \le M / |\mathrm{Nm}(x)| \le 2M.$$

Consider the set of ideals $\gamma \cdot \mathcal{O}_K$, where $\gamma$ runs through the $\gamma$'s in $\mathcal{O}_K$ for which $x \cdot \sigma(\gamma) \in T$
for some $x$ in our set. The norm $\mathbb{N}$ of such an ideal is $\le 2M$, and so there can only be finitely
many such ideals, say $\gamma_1 \cdot \mathcal{O}_K, \ldots, \gamma_t \cdot \mathcal{O}_K$. Now if $\gamma$ is any element of $\mathcal{O}_K$ with $x \cdot \sigma(\gamma) \in T$,
some $x$, then $\gamma \cdot \mathcal{O}_K = \gamma_i \cdot \mathcal{O}_K$ for some $i$, and so there exists a unit $\varepsilon$ such that $\gamma = \gamma_i \cdot \varepsilon$.
Then $x \cdot \sigma(\varepsilon) \in \sigma(\gamma_i^{-1}) \cdot T$. The set $T' = \sigma(\gamma_1^{-1}) \cdot T \cup \ldots \cup \sigma(\gamma_t^{-1}) \cdot T$ is bounded, and so
we have shown that, for each $x$ in our set there exists a unit $\varepsilon$ such that the coordinates of
$x \cdot \sigma(\varepsilon)$ are bounded uniformly in $x$ (the set $T'$ doesn't depend on $x$).

² In fact, for the application to units, we need only consider the $x$ with $|\mathrm{Nm}(x)| = 1$.

We are now ready to prove that $L(U)$ is a full lattice in $H$. If $r + s - 1 = 0$, there is
nothing to prove, and so we assume $r + s - 1 \ge 1$.

For each $i$, $1 \le i \le r + s$, we choose an $x$ in our set such that all the coordinates of $x$
except $x_i$ are very large (compared with $T'$), and $x_i$ is sufficiently small that $|\mathrm{Nm}\, x| = 1$. We
know that there exists a unit $\varepsilon_i$ such that $x \cdot \sigma(\varepsilon_i)$ has bounded coordinates, and we deduce
that $|\sigma_j \varepsilon_i| < 1$ for $j \ne i$, and hence that $\log |\sigma_j \varepsilon_i| < 0$.

I claim that $L(\varepsilon_1), \ldots, L(\varepsilon_{r+s-1})$ are linearly independent vectors in the lattice $L(U)$.
For this we have to prove that the matrix whose $i$th row is

$$(l_1(\varepsilon_i), \ldots, l_r(\varepsilon_i), 2l_{r+1}(\varepsilon_i), \ldots, 2l_{r+s-1}(\varepsilon_i)), \qquad l_i(\varepsilon) = \log |\sigma_i \varepsilon|,$$

is invertible. The elements of the matrix except those on the diagonal are negative, but the
sum

$$l_1(\varepsilon_i) + \cdots + l_r(\varepsilon_i) + 2l_{r+1}(\varepsilon_i) + \cdots + 2l_{r+s}(\varepsilon_i) = 0,$$

and so the sum of the terms in the $i$th row

$$l_1(\varepsilon_i) + \cdots + l_r(\varepsilon_i) + 2l_{r+1}(\varepsilon_i) + \cdots + 2l_{r+s-1}(\varepsilon_i) = -2l_{r+s}(\varepsilon_i) > 0.$$

The next lemma implies that the matrix is invertible, and so completes the proof of Theorem
5.9. □

Lemma 5.10 Let $(a_{ij})$ be a real $m \times m$ matrix such that

  o $a_{ij} < 0$ for $i \ne j$;
  o $\sum_j a_{ij} > 0$ for $i = 1, 2, \ldots, m$.

Then $(a_{ij})$ is invertible.

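PROOF. If it isn't, then the system of equations

$$\sum_j a_{ij} x_j = 0, \qquad i = 1, \ldots, m,$$

has a nontrivial solution. Write $x_1, \ldots, x_m$ for such a solution, and suppose $i_0$ is such that
$|x_{i_0}| = \max\{|x_j|\}$. We can scale the solution so that $x_{i_0} = 1$. Then $|x_j| \le 1$ for $j \ne i_0$, and
the $i_0$th equation gives a contradiction:

$$0 = \sum_j a_{i_0 j} x_j = a_{i_0 i_0} + \sum_{j \ne i_0} a_{i_0 j} x_j \ge a_{i_0 i_0} + \sum_{j \ne i_0} a_{i_0 j} > 0.$$

□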
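
As a sanity check on Lemma 5.10, the following sketch draws random integer matrices that satisfy
the two hypotheses (negative off-diagonal entries, positive row sums) and confirms with exact
rational arithmetic that each has nonzero determinant. The helper names `determinant` and
`random_lemma_matrix`, the entry range, and the sample size are illustrative choices, not part
of the notes; a finite experiment is of course no substitute for the proof.

```python
from fractions import Fraction
import random


def determinant(matrix):
    """Exact determinant by Gaussian elimination over the rationals."""
    a = [[Fraction(x) for x in row] for row in matrix]
    n = len(a)
    det = Fraction(1)
    for col in range(n):
        # find a row with a nonzero entry in this column to use as pivot
        pivot = next((r for r in range(col, n) if a[r][col] != 0), None)
        if pivot is None:
            return Fraction(0)
        if pivot != col:
            a[col], a[pivot] = a[pivot], a[col]
            det = -det
        det *= a[col][col]
        for r in range(col + 1, n):
            factor = a[r][col] / a[col][col]
            for c in range(col, n):
                a[r][c] -= factor * a[col][c]
    return det


def random_lemma_matrix(m, rng):
    """Random integer matrix with negative off-diagonal entries and positive row sums."""
    rows = []
    for i in range(m):
        row = [-rng.randint(1, 9) for _ in range(m)]
        # choose the diagonal entry so that the row sum is a positive integer
        row[i] = -sum(row[j] for j in range(m) if j != i) + rng.randint(1, 9)
        rows.append(row)
    return rows


rng = random.Random(0)
samples = [random_lemma_matrix(rng.randint(1, 6), rng) for _ in range(200)]
all_invertible = all(determinant(mat) != 0 for mat in samples)
```

Here `all_invertible` records whether every sampled matrix was invertible, as the lemma predicts.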
S-units

Let $S$ be a finite set of prime ideals of $K$, and define the ring of $S$-integers to be

$$\mathcal{O}_K(S) = \bigcap_{\mathfrak{p} \notin S} \mathcal{O}_{\mathfrak{p}} = \{\alpha \in K \mid \mathrm{ord}_{\mathfrak{p}}(\alpha) \ge 0, \text{ all } \mathfrak{p} \notin S\}.$$

For example, if $S = \emptyset$, then $\mathcal{O}_K(S) = \mathcal{O}_K$.
Define the group of $S$-units to be

$$U(S) = \mathcal{O}_K(S)^\times = \{\alpha \in K \mid \mathrm{ord}_{\mathfrak{p}}(\alpha) = 0, \text{ all } \mathfrak{p} \notin S\}.$$

Clearly, the torsion subgroup of $U(S)$ is again $\mu(K)$.

Theorem 5.11 The group of $S$-units is finitely generated with rank $r + s + \#S - 1$.

PROOF. Let $\mathfrak{p}_1, \mathfrak{p}_2, \ldots, \mathfrak{p}_t$ be the elements of $S$. The homomorphism

$$u \mapsto (\ldots, \mathrm{ord}_{\mathfrak{p}_i}(u), \ldots)\colon U(S) \to \mathbb{Z}^t$$

has kernel $U$. To complete the proof, it suffices to show that the image of $U(S)$ in $\mathbb{Z}^t$ has
rank $t$. Let $h$ be the class number of $K$. Then $\mathfrak{p}_i^h$ is principal, say $\mathfrak{p}_i^h = (\pi_i)$, and $\pi_i$ is an
$S$-unit with image

$$(0, \ldots, h, \ldots, 0) \qquad (h \text{ in the } i\text{th position}).$$

Clearly these elements generate a subgroup of rank $t$. □

For example, if $K = \mathbb{Q}$ and $S = \{(2), (3), (5)\}$ then

$$U(S) = \{\pm 2^k 3^m 5^n \mid k, m, n \in \mathbb{Z}\},$$

and the statement is obvious in this case.
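
The example with $K = \mathbb{Q}$ can be made concrete. The sketch below decides whether a nonzero
rational number is an $S$-unit for $S = \{(2), (3), (5)\}$ and, if so, returns its sign together
with the exponent vector $(k, m, n)$, which is its image under the map to $\mathbb{Z}^t$ used in the
proof. The function name `s_unit_exponents` is hypothetical.

```python
from fractions import Fraction


def s_unit_exponents(x, primes=(2, 3, 5)):
    """Return (sign, exponents) if x = sign * prod(p**e) over the given primes, else None."""
    x = Fraction(x)
    if x == 0:
        return None
    sign = 1 if x > 0 else -1
    num, den = abs(x.numerator), x.denominator
    exponents = []
    for p in primes:
        e = 0
        while num % p == 0:      # powers of p in the numerator count positively
            num //= p
            e += 1
        while den % p == 0:      # powers of p in the denominator count negatively
            den //= p
            e -= 1
        exponents.append(e)
    # x is an S-unit exactly when no prime outside S is left over
    return (sign, tuple(exponents)) if num == 1 and den == 1 else None
```

For instance, $-45/8 = -2^{-3} 3^2 5$ is an $S$-unit, while $7/2$ is not because $\mathrm{ord}_7(7/2) = 1$.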


Example: CM fields 

A number field is totally real if all of its embeddings in $\mathbb{C}$ lie in $\mathbb{R}$, and it is totally imaginary
if none of its embeddings in $\mathbb{C}$ lie in $\mathbb{R}$. For example, $K = \mathbb{Q}[\alpha] \approx \mathbb{Q}[X]/(f)$ is totally real
if all the roots of $f$ are real, and it is totally imaginary if none of the roots of $f$ are real.

A CM field is a totally imaginary quadratic extension of a totally real field. Every such
field can be obtained from a totally real field by adjoining the square root of an element all
of whose real conjugates are negative.

Let $K$ be a CM field, which is a quadratic extension of the totally real field $K^+$, and let
$2n = [K : \mathbb{Q}]$. Then $K$ has $2n$ complex embeddings and $K^+$ has $n$ real embeddings, and so

$$\operatorname{rank}(U_K) = n - 1 = \operatorname{rank}(U_{K^+}).$$

Therefore, $U_{K^+}$ has finite index in $U_K$. In fact, it is possible to prove more.

Proposition 5.12 The index of $\mu(K) \cdot U_{K^+}$ in $U_K$ is either 1 or 2.

PROOF. Let $a \mapsto \bar{a}$ be the nontrivial automorphism of $K$ fixing $K^+$. Then $\rho(\bar{a}) = \overline{\rho(a)}$ for
all homomorphisms $\rho\colon K \to \mathbb{C}$. In particular, for any $a \in U_K$, all conjugates of $a/\bar{a}$ in $\mathbb{C}$ have
absolute value 1, and so $a/\bar{a} \in \mu(K)$ (by 5.6). Consider the map $\phi\colon U_K \to \mu(K)/\mu(K)^2$
determined by $a \mapsto a/\bar{a}$. Clearly $\phi$ is a homomorphism. Suppose $u$ lies in its kernel, so
that $u/\bar{u} = \zeta^2$ for some $\zeta \in \mu(K)$. Then $u\bar{\zeta}/\bar{u}\zeta = 1$, and so $u\bar{\zeta} \in K^+$. It follows that
$u \in \mu(K) \cdot U_{K^+}$. Conversely, if $u = \zeta \cdot u^+ \in \mu(K) \cdot U_{K^+}$, then $u/\bar{u} = \zeta^2 \in \operatorname{Ker}(\phi)$. We
have shown that $\operatorname{Ker}(\phi) = \mu(K) \cdot U_{K^+}$. As $\mu(K)/\mu(K)^2$ has order 2, this completes the
proof. □


Example: real quadratic fields


An expression

$$a_0 + \cfrac{1}{a_1 + \cfrac{1}{a_2 + \cfrac{1}{a_3 + \cdots}}}$$

is called a continued fraction. We abbreviate this expression as

$$[a_0, a_1, a_2, \ldots].$$

We shall always assume that the $a_i$ are integers with $a_1 > 0$, $a_2 > 0$, .... The integers $a_i$
are called the quotients, and $[a_0, a_1, \ldots, a_n]$ is called the $n$th convergent. Every irrational
number $\alpha$ can be expressed in just one way as an infinite continued fraction, and the continued
fraction is periodic if and only if $\alpha$ has degree 2 over $\mathbb{Q}$. (See any book on elementary number
theory, for example, Hardy, G. H., and Wright, E. M., An Introduction to the Theory of
Numbers, Oxford Univ. Press, 1960 (4th edition), Chapter X.)

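Now let $d$ be a square-free positive integer, and let $\varepsilon$ be the (unique) fundamental unit
for $\mathbb{Q}[\sqrt{d}]$ with $\varepsilon > 1$. Let $s$ be the period of the continued fraction for $\sqrt{d}$ and let $p/q$ be
the $(s-1)$th convergent of it; then

$$\varepsilon = p + q\sqrt{d} \quad \text{if } d \equiv 2, 3 \bmod 4, \text{ or } d \equiv 1 \bmod 8,$$

and

$$\varepsilon = p + q\sqrt{d} \quad \text{or} \quad \varepsilon^3 = p + q\sqrt{d} \quad \text{otherwise}.$$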

Using a computer algebra program, it is very easy to carry this out, and one obtains some 
spectacularly large numbers. 

For example, to find the fundamental unit in $\mathbb{Q}[\sqrt{94}]$, first compute $\sqrt{94} = 9.6954\ldots$.
Then compute the continued fraction of $\sqrt{94}$. One gets

$$\{9, 1, 2, 3, 1, 1, 5, 1, 8, 1, 5, 1, 1, 3, 2, 1, 18, 1, 2, 3, \ldots\}.$$

This suggests the period is 16. Now evaluate the 15th convergent. One gets

$$\frac{2143295}{221064}.$$

Hence the fundamental unit $> 1$ is

$$\varepsilon = 2143295 + 221064 \cdot \sqrt{94}.$$

Compute that

$$(2143295)^2 - (221064)^2 \cdot 94 = 1,$$

which verifies that $\varepsilon$ is a unit.
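
The computation for $\sqrt{94}$ can be reproduced with integer arithmetic only. The sketch below uses
the standard recurrence for the continued fraction of a quadratic surd (this is an assumption
about method: the notes only say to use a computer algebra program) and then evaluates the
$(s-1)$th convergent. The function names are illustrative.

```python
from math import isqrt


def sqrt_continued_fraction(d):
    """Return (a0, period) with sqrt(d) = [a0; period, period, ...], d not a square."""
    a0 = isqrt(d)
    if a0 * a0 == d:
        raise ValueError("d must not be a perfect square")
    m, den, a = 0, 1, a0
    period = []
    while a != 2 * a0:          # the period of sqrt(d) ends with the quotient 2*a0
        m = den * a - m
        den = (d - m * m) // den
        a = (a0 + m) // den
        period.append(a)
    return a0, period


def convergent(quotients):
    """Return (p, q) with p/q = [quotients[0]; quotients[1], ...]."""
    p_prev, p = 1, quotients[0]
    q_prev, q = 0, 1
    for a in quotients[1:]:
        p_prev, p = p, a * p + p_prev
        q_prev, q = q, a * q + q_prev
    return p, q


a0, period = sqrt_continued_fraction(94)
p, q = convergent([a0] + period[:-1])   # the (s-1)th convergent, s = len(period)
norm = p * p - 94 * q * q               # norm of p + q*sqrt(94)
```

Because the period is detected exactly (the quotient $2a_0$ occurs only at the end of a period),
there is no need to guess its length from a decimal expansion.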

When one carries out this procedure for $\mathbb{Q}[\sqrt{9199}]$, the first coefficient of the fundamental
unit has 88 digits! The computer has no problem finding the fundamental unit; the only
problem is counting the length of the period, which is about 180.


Example: cubic fields with negative discriminant

Since the sign of the discriminant is $(-1)^s$ (see 2.40), a cubic field $K$ will have negative
discriminant if and only if $r = 1 = s$. We identify $K$ with a subfield of $\mathbb{R}$ using its unique
real embedding. We have $\Delta < 0$, and the group of units is $\{\pm\varepsilon^m\}$ for some $\varepsilon$ (fundamental
unit). We want to find $\varepsilon$. Since $-\varepsilon$, $-\varepsilon^{-1}$, and $\varepsilon^{-1}$ are also fundamental units, we may
suppose that $\varepsilon > 1$.

Lemma 5.13 Let $K$ be a cubic extension of $\mathbb{Q}$ with negative discriminant, and let $\varepsilon$ be the
fundamental unit with $\varepsilon > 1$. Then

$$|\Delta_K| < 4\varepsilon^3 + 24.$$

PROOF. Since $\varepsilon \notin \mathbb{Q}$, it must generate $K$. The two conjugates of $\varepsilon$ (other than $\varepsilon$ itself) must
be complex conjugates, and so the product of $\varepsilon$ with its conjugates must be $+1$ (rather than
$-1$). Write $\varepsilon = u^2$, $u \in \mathbb{R}$, $u > 1$. Then the remaining conjugates of $\varepsilon$ can be written

$$u^{-1} e^{i\theta}, \quad u^{-1} e^{-i\theta} \qquad (0 \le \theta \le \pi).$$

Let $\Delta' = D(1, \varepsilon, \varepsilon^2)$ be the discriminant of the minimum equation of $\varepsilon$. Then

$$\Delta'^{1/2} = (u^2 - u^{-1}e^{i\theta})(u^2 - u^{-1}e^{-i\theta})(u^{-1}e^{i\theta} - u^{-1}e^{-i\theta}) = 2i(u^3 + u^{-3} - 2\cos\theta)\sin\theta.$$

If we set $2\xi = u^3 + u^{-3}$, then

$$|\Delta'|^{1/2} = 4(\xi - \cos\theta)\sin\theta,$$

which, for a given $u$, has a maximum where

$$\xi\cos\theta - \cos^2\theta + \sin^2\theta = 0,$$

or

$$-g(x) \overset{\text{def}}{=} \xi x - 2x^2 + 1 = 0, \qquad |x| \le 1, \quad x = \cos\theta.$$

We seek a root of $g(x)$ with $|x| < 1$. But $g(1) = 1 - \xi < 0$ (because $u > 1$ implies
$\xi = \frac{u^3 + u^{-3}}{2} > 1$), and $g(-\tfrac{1}{2}u^{-3}) = \tfrac{3}{4}(u^{-6} - 1) < 0$. Since $g(x) = 2x^2 + \cdots$, it follows that $g(x)$ has
one root $> 1$, and that the desired root $x_0$, with $|x_0| \le 1$, is $< -\tfrac{1}{2}u^{-3}$. But then

$$x_0^2 > \frac{u^{-6}}{4} \implies u^{-6} - 4x_0^2 < 0 \implies u^{-6} - 4x_0^2 - 4x_0^4 < 0. \qquad (13)$$

This maximum yields

$$|\Delta'| \le 16(\xi^2 - 2\xi x_0 + x_0^2)(1 - x_0^2),$$

and, on applying the conditions $\xi x_0 = 2x_0^2 - 1$, $\xi^2 x_0^2 = 4x_0^4 - 4x_0^2 + 1$, and the inequality
(13) we find that

$$|\Delta'| \le 16(\xi^2 + 1 - x_0^2 - x_0^4) = 4u^6 + 24 + 4(u^{-6} - 4x_0^2 - 4x_0^4) < 4u^6 + 24.$$


Hence

$$|\Delta'| < 4\varepsilon^3 + 24.$$

Since $\Delta' = \Delta_K \cdot (\text{square of an integer})$, this completes the proof. □

Example 5.14 Let $K = \mathbb{Q}[\alpha]$ where $\alpha$ is a real root of $X^3 + 10X + 1$. Here the discriminant
is $-4027$, and so $\varepsilon > \sqrt[3]{\frac{4027 - 24}{4}} > 10$ for $\varepsilon$ the fundamental unit with $\varepsilon > 1$. Note
that $\mathrm{Nm}(\alpha) = -1$, and so $\alpha$ is a unit. Moreover, $\alpha = -0.0999003\ldots$ and so $\beta = -\alpha^{-1} =
10.00998\ldots$. Since $\beta$ is a power of $\varepsilon$, we must have $\beta = \varepsilon$; i.e., $-\alpha^{-1}$ is the fundamental
unit $> 1$. Thus

$$U_K = \{\pm\alpha^m \mid m \in \mathbb{Z}\}.$$

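Once one knows $\varepsilon$, it becomes easier to compute the class group. We know (see 3.48)
that there is a prime ideal $\mathfrak{p} = (2, 1 + \alpha)$ such that $\mathbb{N}(\mathfrak{p}) = 2$. One shows that $\mathfrak{p}$ generates
the class group, and it then remains to find the order of $\mathfrak{p}$. One verifies that $\mathfrak{p}^6$ is the ideal
generated by $\frac{(\alpha - 1)^3}{\alpha + 2}$, and so it remains to show that $\mathfrak{p}^2$ and $\mathfrak{p}^3$ are nonprincipal.

Suppose $\mathfrak{p}^3 = (\gamma)$. Then $\gamma^2 = \pm\alpha^m \cdot \frac{(\alpha - 1)^3}{\alpha + 2}$ for some $m$ and choice of signs. But this
says that at least one of the numbers $\pm\frac{\alpha - 1}{\alpha + 2}$, $\pm\alpha\frac{\alpha - 1}{\alpha + 2}$ is a square. Let $\beta$ be that
number. If $\mathfrak{q}$ is a prime ideal such that $\beta \in \mathcal{O}_{\mathfrak{q}}$ (i.e., such that $\mathrm{ord}_{\mathfrak{q}}(\beta) \ge 0$), then we can look
at $\beta$ mod $\mathfrak{q}$ and ask if it is a square.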

We first work modulo 29. We have

$$X^3 + 10X + 1 \equiv (X + 5)(X - 3)(X - 2) \bmod 29.$$

Take $\mathfrak{q}$ to be the ideal $(29, \alpha - 2)$. The residue field $\mathcal{O}_K/\mathfrak{q}$ is $\mathbb{F}_{29} = \mathbb{Z}/(29)$, and the map
$\mathbb{Z}[\alpha] \to \mathbb{F}_{29}$ is $\alpha \mapsto 2$ (mod 29). Thus

$$\alpha - 1 \mapsto 1, \quad \alpha + 2 \mapsto 4, \quad (\alpha + 2)^{-1} \mapsto 22, \quad -1 \mapsto -1.$$

The numbers 1, 4, 22, and $-1 \equiv 12^2$ are squares modulo 29, but 2 is not; hence $m$ must be 0.
Since $\frac{\alpha - 1}{\alpha + 2} < 0$ it can't be a square in $K$ (since it isn't even in $\mathbb{R}$), and so the only possibility
for $\beta$ is $-\frac{\alpha - 1}{\alpha + 2}$. We eliminate this by looking mod 7.

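Take $\mathfrak{q} = (7, \alpha + 3)$ (see 3.48). Then in the map $\mathbb{Z}[\alpha] \to \mathbb{Z}[\alpha]/\mathfrak{q} = \mathbb{F}_7$,

$$\alpha \mapsto -3 = 4, \qquad -\frac{\alpha - 1}{\alpha + 2} \mapsto \frac{-3}{6} = \frac{-1}{2} = -4 \equiv 3 \bmod 7,$$

and 3 is not a square modulo 7. Thus $-\frac{\alpha - 1}{\alpha + 2}$ is not a square in $\mathbb{Q}[\alpha]$.

Similarly, $\mathfrak{p}^2 = (\gamma)$ can be shown to be impossible. Thus $\mathrm{Cl}(\mathcal{O}_K)$ is a cyclic group of
order 6.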
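
The numerical claims in Example 5.14 are easy to check by machine. The following sketch
recomputes the discriminant of $X^3 + 10X + 1$, approximates the real root by bisection, and
tests the residues used above by brute force; all function and variable names are illustrative,
and the code checks only these arithmetic facts, not the ideal-theoretic statements.

```python
def f(x):
    """The cubic X^3 + 10X + 1 of Example 5.14."""
    return x**3 + 10 * x + 1


# The discriminant of X^3 + aX + b is -4a^3 - 27b^2.
disc = -4 * 10**3 - 27 * 1**2

# Lower bound for the fundamental unit coming from Lemma 5.13.
lower_bound = ((abs(disc) - 24) / 4) ** (1 / 3)

# Real root by bisection on [-1, 0], where f changes sign (f is increasing).
lo, hi = -1.0, 0.0
for _ in range(60):
    mid = (lo + hi) / 2
    if f(mid) < 0:
        lo = mid
    else:
        hi = mid
alpha = (lo + hi) / 2
beta = -1 / alpha


def roots_mod(p):
    """Roots of f in Z/pZ, found by exhaustive search."""
    return [x for x in range(p) if f(x) % p == 0]


def is_square_mod(a, p):
    """True if a is congruent to a square modulo p."""
    return any((x * x - a) % p == 0 for x in range(p))
```

Since `beta` is smaller than `lower_bound ** 2`, it cannot be a proper power of the fundamental
unit, which is the step "we must have $\beta = \varepsilon$" in the example.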


Finding $\mu(K)$

As we noted earlier, if $\mathbb{Q}[\zeta_m] \subset K$, where $\zeta_m$ is a primitive $m$th root of 1, then $\varphi(m) \mid [K : \mathbb{Q}]$.
Thus there are only finitely many possibilities for $m$. For each of them, use the test in the
later section on algorithms to determine whether the minimum polynomial $\Phi_m$ for $\zeta_m$ has a
root in $K$.
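
The finite list of candidates $m$ can be generated explicitly. The sketch below assumes the
standard elementary bound $\varphi(m) \ge \sqrt{m/2}$ (not stated in the notes), which gives
$m \le 2[K : \mathbb{Q}]^2$; the function names are hypothetical.

```python
from math import gcd


def euler_phi(m):
    """Euler's phi function, computed directly from the definition."""
    return sum(1 for k in range(1, m + 1) if gcd(k, m) == 1)


def candidate_orders(degree):
    """All m with phi(m) dividing degree; uses phi(m) >= sqrt(m/2), so m <= 2*degree**2."""
    return [m for m in range(1, 2 * degree**2 + 1) if degree % euler_phi(m) == 0]
```

For a quadratic field this leaves only $m \in \{1, 2, 3, 4, 6\}$ to test, and for a quartic field
$m \in \{1, 2, 3, 4, 5, 6, 8, 10, 12\}$.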


Finding a system of fundamental units 

One strategy for finding units in the general case seems to be to find lots of solutions to
equations $\mathrm{Nm}(\alpha) = m$ for $m$ a fixed small number, and then take quotients of solutions.
Note that there can be only finitely many ideals $\mathfrak{a}$ with $\mathbb{N}(\mathfrak{a}) = m$; thus if we have lots of
elements $\alpha_i$ with $\mathrm{Nm}(\alpha_i) = m$, then frequently $\alpha_i \cdot \mathcal{O}_K = \alpha_j \cdot \mathcal{O}_K$, and this implies that $\alpha_i$
and $\alpha_j$ differ by a unit (note that this was the strategy used to prove the unit theorem). See
Pohst and Zassenhaus 1989, Chapter 5.


Regulators 

There is one other important invariant that we should define. Let $t = r + s - 1$, and let
$u_1, \ldots, u_t$ be a system of fundamental units. The vector $L(u_i) \in \mathbb{R}^{r+s}$ projects to

$$\ell(u_i) \overset{\text{def}}{=} (\log|\sigma_1 u_i|, \ldots, \log|\sigma_r u_i|, 2 \cdot \log|\sigma_{r+1} u_i|, \ldots, 2\log|\sigma_t u_i|)$$

in $\mathbb{R}^t$, and the vectors $\ell(u_i)$ generate a lattice $\ell(U)$ in $\mathbb{R}^t$. The regulator of $K$ is defined to
be the determinant of the matrix whose $i$th row is $\ell(u_i)$. Thus, up to sign, the regulator is the
volume of a fundamental domain for $\ell(U)$ (regarded as a full lattice in $\mathbb{R}^t$).³

The regulator plays the same role for the group of units (mod torsion) that the discriminant
plays for $\mathcal{O}_K$. One can similarly define the regulator of any set $\{\varepsilon_1, \ldots, \varepsilon_t\}$ of independent
units, and the index of the group generated by the $\varepsilon_i$ and $\mu(K)$ in the full group of units is
measured by the ratio

$$|\mathrm{Reg}(\varepsilon_1, \ldots, \varepsilon_t)| / |\mathrm{Reg}(U)|.$$

There are lower bounds for the regulator (see Pohst and Zassenhaus 1989, p 365) similar 
to the one we proved for a cubic field with one real embedding. 

For an algorithm that computes the class group, regulator, and fundamental units of a 
general number field, but which requires the generalized Riemann hypothesis to prove its 
correctness, see Cohen 1993, Algorithm 6.5.9. 

NOTES To find the units in $\mathbb{Q}[\sqrt{d}]$, $d > 0$, one has to solve certain diophantine equations (see 5.3),
whose study has a long history. Theorem 5.1 was proved by Dirichlet (1840, 1846)⁴ only for rings of
the form $\mathbb{Z}[\alpha]$ because, at the time, a definition of $\mathcal{O}_K$ was lacking. However, his proof extends easily
to $\mathcal{O}_K$ (and to $\mathcal{O}_K(S)$).


Exercises 

5-1 Fix an $m$ and $M$. Is it necessarily true that the set of algebraic integers $\alpha$ in $\mathbb{C}$ of degree
$< m$ and with $|\alpha| < M$ is finite? [Either prove, or give a counterexample.]

5-2 Find a fundamental unit for the field $\mathbb{Q}[\sqrt{67}]$.

5-3 Let $\alpha$ be an element of a number field $K$. Does $\mathrm{Nm}_{K/\mathbb{Q}}(\alpha) = \pm 1$ imply that $\alpha$ is a unit
in $\mathcal{O}_K$? [Either prove, or give a counterexample.]


3 Kwangho Choiy writes: in the definition of regulators, I think that L(uj) may have to be more precise, i.e., 
we can make sure about the index of a. But the definition in the notes is still correct. 

⁴ Dirichlet, P. G. Lejeune-, Sur la théorie des nombres, C. R. Acad. Sci. Paris 10 (1840), 285-288. Dirichlet,
P. G. Lejeune-, Zur Theorie der complexen Einheiten. Verhandl. Preuss. Akad. Wiss. (1846), 103-107.


Cyclotomic Extensions; Fermat's Last Theorem


The cyclotomic¹ extensions of $\mathbb{Q}$ are those generated by a root of 1. They provide interesting
examples of the theory we have developed, but, more significantly, they have important 
applications, for example, to Fermat’s last theorem and to the existence of reciprocity laws 
(more generally, to class field theory itself). 


The basic results 

An element $\zeta$ of a field $K$ is said to be a primitive $n$th root of 1 if $\zeta^n = 1$ but $\zeta^d \ne 1$ for any
positive $d < n$, i.e., if $\zeta$ is an element of order $n$ in $K^\times$. For example, the $n$th roots of 1 in $\mathbb{C}$ are the
numbers $e^{2\pi i m/n}$, $0 \le m \le n - 1$, and the next lemma shows that $e^{2\pi i m/n}$ is a primitive $n$th
root of 1 if and only if $m$ is relatively prime to $n$.

Lemma 6.1 Let $\zeta$ be a primitive $n$th root of 1. Then $\zeta^m$ is again a primitive $n$th root of 1 if
and only if $m$ is relatively prime to $n$.

PROOF. This is a consequence of a more general fact: if $\alpha$ is an element of order $n$ in a
group, then $\alpha^m$ is also of order $n$ if and only if $m$ is relatively prime to $n$. Here is the proof.
If $d \mid m, n$, then $(\alpha^m)^{n/d} = \alpha^{n \cdot m/d} = 1$. Conversely, if $m$ and $n$ are relatively prime, then there
are integers $a$ and $b$ such that

$$am + bn = 1.$$

Now $\alpha^{am} = \alpha$ and so $(\alpha^m)^d = 1 \implies \alpha^d = (\alpha^{am})^d = 1 \implies n \mid d$. □

Let $K = \mathbb{Q}[\zeta]$, where $\zeta$ is a primitive $n$th root of 1. Then $K$ is the splitting field of
$X^n - 1$, and so it is Galois over $\mathbb{Q}$. Let $G = \mathrm{Gal}(\mathbb{Q}[\zeta]/\mathbb{Q})$. It permutes the set of primitive
$n$th roots of 1 in $K$, and so, for any $\sigma \in G$, $\sigma\zeta = \zeta^m$ for some integer $m$ relatively prime to
$n$; moreover, $m$ is well-defined modulo $n$. The map $\sigma \mapsto [m]$ is an injective homomorphism
$G \to (\mathbb{Z}/n\mathbb{Z})^\times$. In FT 5.9, 5.10, it is proved that this map is an isomorphism, and so
$[K : \mathbb{Q}] = \varphi(n) \overset{\text{def}}{=} \#(\mathbb{Z}/n\mathbb{Z})^\times$. We shall give another proof, and at the same time obtain many
results concerning the arithmetic of $\mathbb{Q}[\zeta]$.

¹ The name cyclotomic (circle-dividing) derives from the fact that the $n$th roots of 1 are evenly spaced around
the unit circle.

The cyclotomic polynomial $\Phi_n$ is defined to be

$$\Phi_n(X) = \prod (X - \zeta^m)$$

where the product runs over a set of representatives $m$ for the elements of $(\mathbb{Z}/n\mathbb{Z})^\times$, for
example, over the integers $m$, $0 \le m \le n - 1$, relatively prime to $n$. Equivalently,

$$\Phi_n(X) = \prod (X - \zeta')$$

where $\zeta'$ runs over the primitive $n$th roots of 1. Because $G$ permutes the $\zeta'$, $\Phi_n(X) \in \mathbb{Q}[X]$,
and clearly $\Phi_n(\zeta) = 0$. Therefore, $\Phi_n(X)$ is the minimum polynomial of $\zeta$ if and only if it
is irreducible, in which case $[K : \mathbb{Q}] = \varphi(n)$ and the map $G \to (\mathbb{Z}/n\mathbb{Z})^\times$ is an isomorphism.
Hence the following statements are equivalent: 

(a) the map $\mathrm{Gal}(\mathbb{Q}[\zeta]/\mathbb{Q}) \to (\mathbb{Z}/n\mathbb{Z})^\times$ is an isomorphism;

(b) $[\mathbb{Q}[\zeta] : \mathbb{Q}] = \varphi(n)$;

(c) $\mathrm{Gal}(\mathbb{Q}[\zeta]/\mathbb{Q})$ acts transitively on the set of primitive $n$th roots of 1 (i.e., they are
conjugates);

(d) $\Phi_n(X)$ is irreducible (and so $\Phi_n(X)$ is the minimum polynomial of $\zeta$).

We shall see that all these statements are true. 

Note that each $n$th root of 1 is a primitive $d$th root of 1 for exactly one $d \mid n$, and so

$$X^n - 1 = \prod_{d \mid n} \Phi_d(X) = (X - 1) \cdots \Phi_n(X).$$

To find the $n$th cyclotomic polynomial, type "polcyclo(n,X)" in PARI. For example,

$$\Phi_3(X) = X^2 + X + 1$$
$$\Phi_4(X) = X^2 + 1$$
$$\Phi_6(X) = X^2 - X + 1$$
$$\Phi_{12}(X) = X^4 - X^2 + 1$$

and

$$X^{12} - 1 = (X - 1)(X + 1)(X^2 + X + 1)(X^2 + 1)(X^2 - X + 1)(X^4 - X^2 + 1).$$
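
The product formula $X^n - 1 = \prod_{d \mid n} \Phi_d(X)$ also gives a way to compute $\Phi_n$ without PARI:
divide $X^n - 1$ by $\Phi_d$ for each proper divisor $d$ of $n$. The sketch below does this with integer
coefficient lists (lowest degree first); it is a minimal illustration with hypothetical function
names, not an efficient implementation.

```python
from functools import lru_cache


def poly_divide_exact(num, den):
    """Divide integer polynomials (lowest degree first); den must be monic and divide num."""
    num = list(num)
    quotient = [0] * (len(num) - len(den) + 1)
    for k in range(len(quotient) - 1, -1, -1):
        coeff = num[k + len(den) - 1]        # current leading coefficient
        quotient[k] = coeff
        for j, d in enumerate(den):
            num[k + j] -= coeff * d
    assert not any(num), "division was not exact"
    return quotient


@lru_cache(maxsize=None)
def cyclotomic(n):
    """Coefficients of the nth cyclotomic polynomial, lowest degree first, as a tuple."""
    poly = [-1] + [0] * (n - 1) + [1]        # X^n - 1
    for d in range(1, n):
        if n % d == 0:
            poly = poly_divide_exact(poly, cyclotomic(d))
    return tuple(poly)
```

For example, `cyclotomic(12)` returns `(1, 0, -1, 0, 1)`, i.e. $X^4 - X^2 + 1$.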

We first examine a cyclotomic extension in the case that $n$ is a power $p^r$ of a prime.

Proposition 6.2 Let $\zeta$ be a primitive $p^r$th root of 1, and let $K = \mathbb{Q}[\zeta]$.

(a) The field $\mathbb{Q}[\zeta]$ is of degree $\varphi(p^r) = p^{r-1}(p - 1)$ over $\mathbb{Q}$.

(b) The ring of integers in $\mathbb{Q}[\zeta]$ is $\mathbb{Z}[\zeta]$.

(c) The element $\pi \overset{\text{def}}{=} 1 - \zeta$ is a prime element of $\mathcal{O}_K$, and $(p) = (\pi)^e$ with $e = \varphi(p^r)$.

(d) The discriminant of $\mathcal{O}_K$ over $\mathbb{Z}$ is $\pm p^c$, some $c$ (in fact, $c = p^{r-1}(pr - r - 1)$);
therefore, $p$ is the only prime to ramify in $\mathbb{Q}[\zeta]$.

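PROOF. Because $\zeta$ is integral over $\mathbb{Z}$, the ring $\mathbb{Z}[\zeta]$ is contained in $\mathcal{O}_K$.

If $\zeta'$ is another primitive $p^r$th root of 1, then $\zeta' = \zeta^s$ and $\zeta = \zeta'^t$ for some integers $s$ and
$t$ not divisible by $p$, and so $\mathbb{Z}[\zeta'] = \mathbb{Z}[\zeta]$ and $\mathbb{Q}[\zeta'] = \mathbb{Q}[\zeta]$. Moreover,

$$\frac{1 - \zeta'}{1 - \zeta} = 1 + \zeta + \cdots + \zeta^{s-1} \in \mathbb{Z}[\zeta].$$

Similarly, $(1 - \zeta)/(1 - \zeta') \in \mathbb{Z}[\zeta]$, and so $(1 - \zeta')/(1 - \zeta)$ is a unit in $\mathbb{Z}[\zeta]$ (hence also in $\mathcal{O}_K$).
Note that

$$\Phi_{p^r}(X) = \frac{X^{p^r} - 1}{X^{p^{r-1}} - 1} = \frac{t^p - 1}{t - 1} = 1 + t + \cdots + t^{p-1}, \qquad t = X^{p^{r-1}},$$

and so

$$\Phi_{p^r}(1) = p.$$

From its definition, we see that

$$\Phi_{p^r}(1) = \prod (1 - \zeta') = \prod \frac{1 - \zeta'}{1 - \zeta}(1 - \zeta) = u \cdot (1 - \zeta)^{\varphi(p^r)},$$

with $u$ a unit in $\mathbb{Z}[\zeta]$. Therefore we have an equality of ideals in $\mathcal{O}_K$,

$$(p) = (\pi)^e, \qquad \pi = 1 - \zeta, \quad e = \varphi(p^r), \qquad (14)$$

and so $(p)$ has at least $\varphi(p^r)$ prime factors in $\mathcal{O}_K$. Now (3.34) implies that $[\mathbb{Q}[\zeta] : \mathbb{Q}] \ge
\varphi(p^r)$. This proves (a) of the Proposition since we know $[\mathbb{Q}[\zeta] : \mathbb{Q}] \le \varphi(p^r)$.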

Moreover we see that $\pi$ must generate a prime ideal in $\mathcal{O}_K$, otherwise, again, $(p)$ would
have too many prime-ideal factors. This completes the proof of (c).

For future reference, we note that, in $\mathcal{O}_K$,

$$(p) = \mathfrak{p}^{\varphi(p^r)}, \qquad \mathfrak{p} = (\pi), \qquad f(\mathfrak{p}/p) = 1.$$

The last equality means that the map $\mathbb{Z}/(p) \to \mathcal{O}_K/(\pi)$ is an isomorphism.

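We next show that (up to sign) $\mathrm{disc}(\mathbb{Z}[\zeta]/\mathbb{Z})$ is a power of $p$. Since

$$\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}) \cdot (\mathcal{O}_K : \mathbb{Z}[\zeta])^2 = \mathrm{disc}(\mathbb{Z}[\zeta]/\mathbb{Z}),$$

this will imply:

(i) $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z})$ is a power of $p$;

(ii) $(\mathcal{O}_K : \mathbb{Z}[\zeta])$ is a power of $p$, and therefore $p^M \mathcal{O}_K \subset \mathbb{Z}[\zeta]$ for some $M$.

To compute $\mathrm{disc}(\mathbb{Z}[\zeta]/\mathbb{Z})$, we shall use the formula in (2.34), which in our case reads:

$$\mathrm{disc}(\mathbb{Z}[\zeta]/\mathbb{Z}) = \pm\mathrm{Nm}_{K/\mathbb{Q}}(\Phi'_{p^r}(\zeta)).$$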

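On differentiating the equation

$$(X^{p^{r-1}} - 1) \cdot \Phi_{p^r}(X) = X^{p^r} - 1$$

and substituting $\zeta$ for $X$, we find that $\Phi'_{p^r}(\zeta) = p^r \zeta^{p^r - 1} / (\zeta^{p^{r-1}} - 1)$. Clearly

$$\mathrm{Nm}_{K/\mathbb{Q}}\, \zeta = \pm 1, \qquad \mathrm{Nm}_{K/\mathbb{Q}}\, p^r = (p^r)^{\varphi(p^r)} = p^{r\varphi(p^r)}.$$

We shall show that

$$\mathrm{Nm}_{K/\mathbb{Q}}(1 - \zeta^{p^s}) = \pm p^{p^s}, \qquad 0 \le s < r,$$

and so

$$\mathrm{Nm}_{K/\mathbb{Q}}\, \Phi'_{p^r}(\zeta) = \pm p^c, \qquad c = r(p - 1)p^{r-1} - p^{r-1} = p^{r-1}(pr - r - 1).$$

First we compute $\mathrm{Nm}_{K/\mathbb{Q}}(1 - \zeta)$. The minimum polynomial of $1 - \zeta$ is $\Phi_{p^r}(1 - X)$,
which has constant term $\Phi_{p^r}(1) = p$, and so $\mathrm{Nm}_{K/\mathbb{Q}}(1 - \zeta) = \pm p$.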

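We next compute $\mathrm{Nm}_{K/\mathbb{Q}}(1 - \zeta^{p^s})$ some $s < r$. Because $\zeta^{p^s}$ is a primitive $p^{r-s}$th root
of 1, the computation just made (with $r$ replaced by $r - s$) shows that

$$\mathrm{Nm}_{\mathbb{Q}[\zeta^{p^s}]/\mathbb{Q}}(1 - \zeta^{p^s}) = \pm p.$$

Using that

$$\mathrm{Nm}_{M/K} = \mathrm{Nm}_{L/K} \circ \mathrm{Nm}_{M/L} \quad \text{and} \quad \mathrm{Nm}_{M/L}\, \alpha = \alpha^{[M:L]} \text{ if } \alpha \in L,$$

we see that

$$\mathrm{Nm}_{K/\mathbb{Q}}(1 - \zeta^{p^s}) = \pm p^a \quad \text{where } a = [\mathbb{Q}[\zeta] : \mathbb{Q}[\zeta^{p^s}]] = \varphi(p^r)/\varphi(p^{r-s}) = p^s.$$

This completes the proof of (d).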
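
The norm formula $\mathrm{Nm}_{K/\mathbb{Q}}(1 - \zeta^{p^s}) = \pm p^{p^s}$ can be checked numerically by multiplying the
images of $1 - \zeta^{p^s}$ under the embeddings $\zeta \mapsto e^{2\pi i m/p^r}$, $m$ prime to $p$. This is only a
floating-point sanity check under that description of the embeddings; the function name is
hypothetical.

```python
import cmath
from math import gcd


def norm_one_minus_zeta_power(p, r, s):
    """Numerically evaluate Nm_{K/Q}(1 - zeta^(p^s)) for zeta a primitive p^r-th root of 1."""
    n = p**r
    product = 1
    for m in range(1, n):
        if gcd(m, n) == 1:      # one factor for each embedding zeta -> exp(2*pi*i*m/n)
            product *= 1 - cmath.exp(2j * cmath.pi * m * p**s / n)
    return product
```

For $p^r = 9$ the values for $s = 0$ and $s = 1$ come out (up to rounding) as $3$ and $27 = 3^3$.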

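We are now ready to prove (b). As we observed above the inclusion $\mathbb{Z} \hookrightarrow \mathcal{O}_K$ induces
an isomorphism $\mathbb{Z}/(p) \to \mathcal{O}_K/(\pi)$. In other words,

$$\mathcal{O}_K = \mathbb{Z} + \pi\mathcal{O}_K,$$

and so, certainly,

$$\mathcal{O}_K = \mathbb{Z}[\zeta] + \pi\mathcal{O}_K.$$

On multiplying through by $\pi$, we obtain the equality

$$\pi\mathcal{O}_K = \pi\mathbb{Z}[\zeta] + \pi^2\mathcal{O}_K.$$

Therefore,

$$\mathcal{O}_K = \mathbb{Z}[\zeta] + \pi\mathbb{Z}[\zeta] + \pi^2\mathcal{O}_K = \mathbb{Z}[\zeta] + \pi^2\mathcal{O}_K.$$

On repeating this argument, we find that

$$\mathcal{O}_K = \mathbb{Z}[\zeta] + \pi^m\mathcal{O}_K$$

for all $m \ge 1$. Since $\pi^{\varphi(p^r)} = p \times (\text{unit})$, this implies that

$$\mathcal{O}_K = \mathbb{Z}[\zeta] + p^m\mathcal{O}_K$$

for all $m \ge 1$. But for $m$ large enough, we know that $p^m\mathcal{O}_K \subset \mathbb{Z}[\zeta]$, and so $\mathbb{Z}[\zeta] = \mathcal{O}_K$.
This completes the proof of (b). □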

Remark 6.3 (a) The sign of the $\mathrm{disc}(\mathbb{Q}[\zeta]/\mathbb{Q})$, $\zeta$ any root of 1, can be computed most
easily by using (2.40a). Clearly $\mathbb{Q}[\zeta]$ has no real embeddings unless $\zeta = \pm 1$ (and $\mathbb{Q}[\zeta] = \mathbb{Q}$),
and so, except for this case,

$$\mathrm{sign}(\mathrm{disc}(\mathbb{Q}[\zeta]/\mathbb{Q})) = (-1)^s, \qquad s = [\mathbb{Q}[\zeta] : \mathbb{Q}]/2.$$

If $\zeta$ is a primitive $p^r$th root of 1, $p^r > 2$, then

$$[\mathbb{Q}[\zeta] : \mathbb{Q}]/2 = (p - 1)p^{r-1}/2$$

which is odd if and only if $p^r = 4$ or $p \equiv 3 \bmod 4$.

(b) Let $\zeta$ and $\zeta'$ be primitive $p^r$th and $q^s$th roots of 1. If $p$ and $q$ are distinct primes, then

$$\mathbb{Q}[\zeta] \cap \mathbb{Q}[\zeta'] = \mathbb{Q},$$

because if $K \subset \mathbb{Q}[\zeta]$, then $p$ ramifies totally in $K$ and $q$ does not, and if $K \subset \mathbb{Q}[\zeta']$, then $q$
ramifies totally in $K$ and $p$ does not, and these are contradictory unless $K = \mathbb{Q}$.

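Theorem 6.4 Let $\zeta$ be a primitive $n$th root of 1.

(a) The field $\mathbb{Q}[\zeta]$ is of degree $\varphi(n)$ over $\mathbb{Q}$.

(b) The ring of integers in $\mathbb{Q}[\zeta]$ is $\mathbb{Z}[\zeta]$, and so $1, \zeta, \ldots, \zeta^{\varphi(n)-1}$ is an integral basis for
$\mathcal{O}_{\mathbb{Q}[\zeta]}$ over $\mathbb{Z}$.

(c) If $p$ ramifies in $\mathbb{Q}[\zeta]$ then $p \mid n$; more precisely, if $n = p^r \cdot m$ with $m$ relatively prime
to $p$, then

$$(p) = (\mathfrak{P}_1 \cdots \mathfrak{P}_s)^{\varphi(p^r)}$$

in $\mathbb{Q}[\zeta]$ with the $\mathfrak{P}_i$ distinct primes in $\mathbb{Q}[\zeta]$.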

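PROOF. We use induction on the number of primes dividing $n$. Suppose that $p \mid n$, and
write $n = p^r \cdot m$ with $m$ not divisible by $p$. We may assume the theorem for $m$. Note that
$\zeta_{p^r} \overset{\text{def}}{=} \zeta^m$ is a primitive $p^r$th root of 1, $\zeta_m = \zeta^{p^r}$ is a primitive $m$th root of 1, and that
$\mathbb{Q}[\zeta] = \mathbb{Q}[\zeta_{p^r}] \cdot \mathbb{Q}[\zeta_m]$. Consider the fields:

[Field diagram: $\mathbb{Q}[\zeta]$ at the top, $\mathbb{Q}[\zeta_{p^r}]$ and $\mathbb{Q}[\zeta_m]$ in the middle, and $\mathbb{Q}$ at the bottom, each
labelled with the factorization of $(p)$ in it.]

According to Proposition 6.2, $(p)$ ramifies totally in $\mathbb{Q}[\zeta_{p^r}]$, say $(p) = \mathfrak{p}^{\varphi(p^r)}$, but
is unramified in $\mathbb{Q}[\zeta_m]$, say $(p) = \mathfrak{p}_1 \cdots \mathfrak{p}_s$ with the $\mathfrak{p}_i$ distinct primes. Because $\mathbb{Q}[\zeta]$ is
obtained from $\mathbb{Q}[\zeta_m]$ by adjoining $\zeta_{p^r}$, its degree over $\mathbb{Q}[\zeta_m]$ is at most $\varphi(p^r)$. It follows
from Theorem 3.34 that $\mathfrak{p}_1 \cdots \mathfrak{p}_s$ can become a $\varphi(p^r)$th power in $\mathbb{Q}[\zeta]$ only if $[\mathbb{Q}[\zeta] : \mathbb{Q}[\zeta_m]] =
\varphi(p^r)$ and each prime $\mathfrak{p}_i$ ramifies totally in $\mathbb{Q}[\zeta]$, say $\mathfrak{p}_i\mathcal{O}_{\mathbb{Q}[\zeta]} = \mathfrak{P}_i^{\varphi(p^r)}$. Therefore, $[\mathbb{Q}[\zeta] :
\mathbb{Q}] = \varphi(p^r) \cdot \varphi(m) = \varphi(n)$, and to complete the proof, it remains to show that $\mathcal{O}_{\mathbb{Q}[\zeta]} =
\mathbb{Z}[\zeta_{p^r}, \zeta_m] = \mathbb{Z}[\zeta]$. This is accomplished by the next lemma, because the only primes that
can divide the discriminant of $\mathcal{O}_{\mathbb{Q}[\zeta_m]}/\mathbb{Z}$ are the divisors of $m$ (induction hypothesis and
3.35). □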

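Lemma 6.5 Let $K$ and $L$ be finite extensions of $\mathbb{Q}$ such that

$$[KL : \mathbb{Q}] = [K : \mathbb{Q}] \cdot [L : \mathbb{Q}],$$

and let $d$ be the greatest common divisor of $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z})$ and $\mathrm{disc}(\mathcal{O}_L/\mathbb{Z})$. Then

$$\mathcal{O}_{K \cdot L} \subset d^{-1}\mathcal{O}_K \cdot \mathcal{O}_L.$$

PROOF. Let $\{\alpha_1, \ldots, \alpha_m\}$ and $\{\beta_1, \ldots, \beta_n\}$ be integral bases for $K$ and $L$ respectively. Then
$\alpha_i\beta_j$ is a basis for $K \cdot L$ over $\mathbb{Q}$. Thus every $\gamma \in \mathcal{O}_{K \cdot L}$ can be written in the form

$$\gamma = \sum_{ij} \frac{a_{ij}}{r}\alpha_i\beta_j, \qquad a_{ij}, r \in \mathbb{Z},$$

with $\frac{a_{ij}}{r}$ uniquely determined. After dividing out any common factors from top and bottom,
no prime factor of $r$ will divide all the $a_{ij}$, and we then have to show that $r \mid d$.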

When we identify $L$ with a subfield of $\mathbb{C}$, every embedding $\sigma$ of $K$ into $\mathbb{C}$ will extend
uniquely to an embedding of $K \cdot L$ into $\mathbb{C}$ fixing the elements of $L$. To see this, write
$K = \mathbb{Q}[\alpha]$; then $K \cdot L = L[\alpha]$, and the hypothesis on the degrees implies that the minimum
polynomial of $\alpha$ doesn't change when we pass from $\mathbb{Q}$ to $L$; there is therefore a unique
$L$-homomorphism $L[\alpha] \to \mathbb{C}$ sending $\alpha$ to $\sigma\alpha$.

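On applying such a $\sigma$ to the above equation, we obtain an equation

$$\sigma(\gamma) = \sum_{ij} \frac{a_{ij}}{r}\sigma(\alpha_i)\beta_j.$$

Write $x_i = \sum_j (a_{ij}/r)\beta_j$, and let $\sigma_1, \sigma_2, \ldots, \sigma_m$ be the distinct embeddings of $K$ into $\mathbb{C}$. We
obtain a system of $m$ linear equations

$$\sum_i \sigma_k(\alpha_i)x_i = \sigma_k(\gamma), \qquad k = 1, 2, \ldots, m,$$

and Cramer's rule tells us that

$$Dx_i = D_i$$

where $D = \det(\sigma_j(\alpha_i))$ and $D_i$ is a similar determinant. According to (2.26), $D^2 = \Delta \overset{\text{def}}{=}
\mathrm{disc}(\mathcal{O}_K/\mathbb{Z})$, and so

$$\Delta \cdot x_i = DD_i.$$

By construction, both $D$ and $D_i$ are algebraic integers, and so $\Delta \cdot x_i$ is an algebraic integer.
But $\Delta x_i = \sum_j \frac{\Delta a_{ij}}{r}\beta_j$, and the $\beta_j$'s form an integral basis for $\mathcal{O}_L$, and so $\frac{\Delta a_{ij}}{r} \in \mathbb{Z}$. Hence
$r \mid \Delta a_{ij}$ all $i, j$, and, because of our assumption on $r$ and the $a_{ij}$'s, this implies that $r \mid \Delta$.

Similarly, $r \mid \mathrm{disc}(\mathcal{O}_L/\mathbb{Z})$, and so $r$ divides the greatest common divisor of $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z})$
and $\mathrm{disc}(\mathcal{O}_L/\mathbb{Z})$. □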

Remark 6.6 (a) Statement (c) of the theorem shows that if $p$ divides $n$, then $p$ ramifies
unless $\varphi(p^r) = 1$. Since $\varphi(p^r) = p^{r-1}(p - 1)$, this happens only if $p^r = 2$. Thus, if $p$
divides $n$, then $p$ ramifies in $\mathbb{Q}[\zeta_n]$ except when $p = 2$ and $n = 2 \cdot (\text{odd number})$.

(b) Let $m$ be an integer $> 1$; then $\varphi(mn) > \varphi(n)$ except when $n$ is odd and $m = 2$.
Therefore $\mu(\mathbb{Q}[\zeta_n])$ is cyclic of order $n$ (generated by $\zeta_n$) except when $n$ is odd, in which
case it is cyclic of order $2n$ (generated by $-\zeta_n$).

(c) In the situation of the lemma,

$$\mathrm{disc}(KL/\mathbb{Q}) = \mathrm{disc}(K/\mathbb{Q})^{[L:\mathbb{Q}]} \cdot \mathrm{disc}(L/\mathbb{Q})^{[K:\mathbb{Q}]}, \qquad (15)$$

provided $\mathcal{O}_{KL} = \mathcal{O}_K \cdot \mathcal{O}_L$. This can be proved by an elementary determinant calculation.
Using this, one can show that, for $\zeta_n$ a primitive $n$th root of 1,

$$\mathrm{disc}(\mathbb{Q}[\zeta_n]/\mathbb{Q}) = (-1)^{\varphi(n)/2}\, n^{\varphi(n)} \Big/ \prod_{p \mid n} p^{\varphi(n)/(p-1)}.$$

The example

$$\mathbb{Q}[i, \sqrt{5}] = \mathbb{Q}[i] \cdot \mathbb{Q}[\sqrt{-5}]$$

shows that the condition on the rings of integers is necessary for (15) to hold, because the
extensions $\mathbb{Q}[i]$ and $\mathbb{Q}[\sqrt{-5}]$ have discriminants 4 and 20 respectively (up to sign), but $\mathbb{Q}[i, \sqrt{5}]$ has
discriminant $4^2 5^2 = 4^2 20^2 / 4^2$.

Class numbers of cyclotomic fields 

Let $\zeta$ be a primitive $p$th root of 1, $p$ an odd prime. It is known that the class number of $\mathbb{Q}[\zeta]$
grows quite rapidly with $p$, and that in fact the class number is 1 if and only if $p \le 19$.

Here is how to prove that $\mathbb{Q}[\zeta]$ has class number $> 1$ when $p = 23$. The Galois group of
$\mathbb{Q}[\zeta]$ over $\mathbb{Q}$ is cyclic of order 22, and therefore has a unique subgroup of index 2. Hence
$\mathbb{Q}[\zeta]$ contains a unique quadratic extension $K$ of $\mathbb{Q}$. Since 23 is the only prime ramifying in
$\mathbb{Q}[\zeta]$, it must also be the only prime ramifying in $K$, and this implies that $K = \mathbb{Q}[\sqrt{-23}]$.
One checks that $(2)$ splits in $\mathbb{Q}[\sqrt{-23}]$, say $(2) = \mathfrak{p}\mathfrak{q}$, that $\mathfrak{p}$ is not principal, and that $\mathfrak{p}^3$ is
principal. Let $\mathfrak{P}$ be a prime ideal of $\mathbb{Z}[\zeta]$ lying over $\mathfrak{p}$. Then $\mathcal{N}\mathfrak{P} = \mathfrak{p}^f$, where $f$ is the
residue class degree. Since $f$ divides $[\mathbb{Q}[\zeta] : \mathbb{Q}[\sqrt{-23}]] = 11$, we see that $f = 1$ or 11 (in
fact, $f = 11$). In either case, $\mathfrak{p}^f$ is not principal, and this implies that $\mathfrak{P}$ is not principal,
because the norm of a principal ideal is principal.
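
The "one checks" step for $\mathbb{Q}[\sqrt{-23}]$ can be supported by a small search. With
$w = (1 + \sqrt{-23})/2$, the norm of $x + yw$ is $x^2 + xy + 6y^2$ (a standard computation, assumed here
rather than taken from the notes). A principal ideal of norm $N$ must have a generator of norm
$N$, so the sketch below lists the integer solutions of $x^2 + xy + 6y^2 = N$; the function name is
hypothetical.

```python
from math import isqrt


def norm_form_solutions(target):
    """Integer pairs (x, y) with x^2 + x*y + 6*y^2 == target.

    This is the norm of x + y*w, w = (1 + sqrt(-23))/2, an element of the
    ring of integers of Q[sqrt(-23)].
    """
    solutions = []
    y_max = isqrt(4 * target // 23)          # since 4*norm = (2x + y)^2 + 23*y^2
    for y in range(-y_max, y_max + 1):
        x_max = isqrt(target) + abs(y) + 1   # generous bound on |x|
        for x in range(-x_max, x_max + 1):
            if x * x + x * y + 6 * y * y == target:
                solutions.append((x, y))
    return solutions
```

There is no element of norm 2, so neither prime above 2 is principal; the only elements of
norm 4 are $\pm 2$, which generate $\mathfrak{p}\mathfrak{q}$ rather than $\mathfrak{p}^2$; and $1 + w$ has norm 8 and is not divisible
by 2, which is consistent with $\mathfrak{p}^3$ (for a suitable labelling of $\mathfrak{p}$ and $\mathfrak{q}$) being principal.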

Because of the connection to Fermat's last theorem, primes $p$ such that $p$ does not divide
the class number of $\mathbb{Q}[\zeta]$ are of particular interest. They are called regular. Kummer found
a simple test for when a prime is regular: define the Bernoulli numbers $B_n$ by the formula

$$\frac{t}{e^t - 1} = \sum_{n=0}^{\infty} B_n \frac{t^n}{n!}, \qquad B_n \in \mathbb{Q};$$

then $p$ is not regular if and only if $p$ divides the numerator of some $B_k$ with $k = 2, 4, \ldots, p - 3$.
It has long been known that there are infinitely many irregular primes, but it is still not
proved that there are infinitely many regular primes. It is expected that 61% of primes are
regular and 39% are irregular.
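
Kummer's test is straightforward to run for small primes. The sketch below computes the
Bernoulli numbers exactly from the recurrence $\sum_{k=0}^{n} \binom{n+1}{k} B_k = 0$ ($n \ge 1$), which follows
from the generating function, and then applies the criterion; the function names are
illustrative.

```python
from fractions import Fraction
from math import comb


def bernoulli_numbers(n_max):
    """Return [B_0, ..., B_n_max] with t/(e^t - 1) = sum B_n t^n / n! (so B_1 = -1/2)."""
    B = [Fraction(1)]
    for n in range(1, n_max + 1):
        # recurrence: sum_{k=0}^{n} C(n+1, k) * B_k = 0, solved for B_n
        B.append(-sum(comb(n + 1, k) * B[k] for k in range(n)) / (n + 1))
    return B


def is_regular(p, B):
    """Kummer's criterion for an odd prime p; B must contain B_0, ..., B_{p-3}."""
    return all(B[k].numerator % p != 0 for k in range(2, p - 2, 2))


B = bernoulli_numbers(100)
odd_primes = [p for p in range(3, 100) if all(p % q for q in range(2, int(p**0.5) + 1))]
irregular = [p for p in odd_primes if not is_regular(p, B)]
```

For primes below 100 this finds exactly the irregular primes 37, 59, and 67.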

Units in cyclotomic fields 

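Let $\zeta$ be a primitive $n$th root of 1, $n > 2$. Define

$$\mathbb{Q}[\zeta]^+ = \mathbb{Q}[\zeta + \zeta^{-1}].$$

For example, if $\zeta = e^{2\pi i/n}$, then $\mathbb{Q}[\zeta]^+ = \mathbb{Q}[\cos\frac{2\pi}{n}]$. Under any embedding of $\mathbb{Q}[\zeta]$ into $\mathbb{C}$,
$\zeta^{-1}$ maps to the complex conjugate of $\zeta$, and therefore the image of $\mathbb{Q}[\zeta]^+$ is fixed under
complex conjugation and hence lies in $\mathbb{R}$. Thus, we see that $\mathbb{Q}[\zeta]$ is a CM field with maximal
totally real subfield $\mathbb{Q}[\zeta]^+$. According to Proposition 5.12, the index of $\mu(\mathbb{Q}[\zeta]) \cdot U_{\mathbb{Q}[\zeta]^+}$ in
$U_{\mathbb{Q}[\zeta]}$ is 1 or 2. In fact, when $n$ is a prime power, it must be 1.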

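Proposition 6.7 Assume that $n$ is a prime power; then every unit $u \in \mathbb{Q}[\zeta]$ can be written

$$u = \zeta' \cdot v$$

with $\zeta'$ a root of unity and $v$ a unit in $\mathbb{Q}[\zeta]^+$.

PROOF. We prove this only for powers of odd primes (which is all we shall need in the next
section). If the statement is false, then the homomorphism

$$u \mapsto u/\bar{u}\colon U_{\mathbb{Q}[\zeta]} \to \mu/\mu^2, \qquad \mu = \mu(\mathbb{Q}[\zeta]),$$

in the proof of Proposition (5.12) is surjective, and so there exists a unit $u$ of $\mathbb{Q}[\zeta]$ such that
$\bar{u} = \zeta' u$ where $\zeta'$ is a root of 1 that is not a square. Recall (6.6b) that, because $n$ is odd,
$\mu = \{\pm 1\} \cdot \langle\zeta\rangle$, and so $\mu^2 = \langle\zeta\rangle$. Therefore $\zeta' = -\zeta^m$ for some integer $m$. Let

$$u = a_0 + \cdots + a_{\varphi(n)-1}\zeta^{\varphi(n)-1}, \qquad a_i \in \mathbb{Z}.$$

Then $\bar{u} = a_0 + \cdots + a_{\varphi(n)-1}\bar{\zeta}^{\varphi(n)-1}$, and modulo the prime ideal $\mathfrak{p} = (1 - \zeta) = (1 - \bar{\zeta})$ of
$\mathcal{O}_{\mathbb{Q}[\zeta]}$,

$$u \equiv a_0 + \cdots + a_{\varphi(n)-1} \equiv \bar{u}.$$

Thus

$$u \equiv -\zeta^m u \equiv -u \bmod \mathfrak{p},$$

and so $2u \in \mathfrak{p}$. This is a contradiction because $\mathfrak{p}$ is prime, $2 \notin \mathfrak{p}$, and $u \notin \mathfrak{p}$. □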


The first case of Fermat’s last theorem for regular primes 

Kummer proved Fermat's last theorem for regular primes. Here we prove a weaker result,
known as the first case of Fermat's last theorem.

Theorem 6.8 Let $p$ be an odd prime. If the class number of $\mathbb{Q}[\zeta]$ is not divisible by $p$,
then there does not exist an integer solution $(x, y, z)$ to

$$X^p + Y^p = Z^p$$

with $p$ relatively prime to $xyz$.

We show that existence of integers $x, y, z$ with $x^p + y^p = z^p$ and $p \nmid xyz$ leads to a
contradiction. After removing any common factor, we may suppose that $\gcd(x, y, z) = 1$.
We first treat the case $p = 3$. The only cubes modulo 9 are $-1$, 0, 1, and so

$$x^3 + y^3 \equiv -2, 0, \text{ or } 2 \bmod 9,$$
$$z^3 \equiv -1 \text{ or } 1 \bmod 9,$$

which are contradictory. Similarly we may eliminate the case $p = 5$ by looking modulo 25.
Henceforth we assume $p > 5$.
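
The congruence arguments for $p = 3$ and $p = 5$ are finite checks, which the following sketch
carries out by brute force: it compares the set of $p$th powers of residues prime to $p$ with the
set of sums of two such powers. The function name is hypothetical.

```python
def first_case_excluded_mod(p, modulus):
    """True if x^p + y^p = z^p has no solution modulo `modulus` with p dividing none of x, y, z."""
    units = [a for a in range(modulus) if a % p != 0]
    powers = {pow(a, p, modulus) for a in units}                 # possible values of z^p
    sums = {(u + v) % modulus for u in powers for v in powers}   # possible values of x^p + y^p
    return powers.isdisjoint(sums)
```

The test succeeds for $p = 3$ modulo 9 and for $p = 5$ modulo 25, but already fails for $p = 7$
modulo 49 (for example $1 + 18 \equiv 19$, and all three are seventh powers modulo 49), which is
one reason the general argument has to proceed differently.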

If $x \equiv y \equiv -z \bmod p$, then $-2z^p \equiv z^p$ and $p \mid 3z$, contradicting our hypotheses. Hence
one of the congruences can't hold, and after rewriting the equation $x^p + (-z)^p = (-y)^p$ if
necessary, we may assume that $p \nmid x - y$.

The roots of $X^p + 1$ are $-1, -\zeta, \ldots, -\zeta^{p-1}$, and so

$$X^p + 1 = \prod_{i=0}^{p-1} (X + \zeta^i).$$

Hence

$$\prod_{i=0}^{p-1} (x + \zeta^i y) = z^p.$$

The idea of the proof is to exploit this factorization and what we know of the arithmetic of
$\mathbb{Q}[\zeta]$ to obtain a contradiction.

Let $\mathfrak{p}$ be the unique prime ideal of $\mathbb{Z}[\zeta]$ dividing $(p)$; thus $\mathfrak{p} = (1 - \zeta^i)$ where $i$ can be
any integer such that $1 \le i \le p - 1$ (see 6.2).

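Lemma 6.9 The elements $x + \zeta^i y$ of $\mathbb{Z}[\zeta]$ are relatively prime in pairs.

PROOF. We have to show that there does not exist a prime ideal $\mathfrak{q}$ dividing $x + \zeta^i y$ and
$x + \zeta^j y$ for $i \ne j$. Suppose there does. Then $\mathfrak{q} \mid ((\zeta^i - \zeta^j)y) = \mathfrak{p}y$, and $\mathfrak{q} \mid ((\zeta^j - \zeta^i)x) = \mathfrak{p}x$.
By assumption, $x$ and $y$ are relatively prime, and therefore $\mathfrak{q} = \mathfrak{p}$. Thus $x + y \equiv x + \zeta^i y \equiv 0
\mod \mathfrak{p}$. Hence $x + y \in \mathfrak{p} \cap \mathbb{Z} = (p)$. But $z^p = x^p + y^p \equiv x + y \equiv 0 \mod p$, and so $p \mid z$,
which contradicts our hypotheses. □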


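Lemma 6.10 For every $\alpha \in \mathbb{Z}[\zeta]$, $\alpha^p \in \mathbb{Z} + p\mathbb{Z}[\zeta]$.

Proof. Write

$$\alpha = a_0 + a_1\zeta + \cdots + a_{p-2}\zeta^{p-2}, \qquad a_i \in \mathbb{Z}.$$

Then

$$\alpha^p \equiv a_0^p + a_1^p + \cdots + a_{p-2}^p \mod p,$$

which lies in $\mathbb{Z}$. □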
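The congruence in Lemma 6.10 can be tested numerically. The sketch below works in the ring $\mathbb{Z}[x]/(x^p - 1)$, of which $\mathbb{Z}[\zeta]$ is a quotient (send $x$ to $\zeta$), so a congruence verified there also holds in $\mathbb{Z}[\zeta]$. The function names and the choice of this auxiliary ring are ours, made only for illustration.

```python
def pth_power_mod_xp_minus_1(coeffs, p):
    """Compute alpha^p in Z[x]/(x^p - 1), where alpha = sum coeffs[i] * x^i.
    The result is a list of p integer coefficients."""
    def mul(u, v):
        w = [0] * p
        for i, ui in enumerate(u):
            for j, vj in enumerate(v):
                w[(i + j) % p] += ui * vj  # x^p = 1
        return w

    result = [1] + [0] * (p - 1)
    for _ in range(p):
        result = mul(result, coeffs)
    return result


def satisfies_lemma(coeffs, p):
    """Check that alpha^p is an integer plus p times an element of the ring,
    and that the integer is congruent to the sum of the coefficients."""
    power = pth_power_mod_xp_minus_1(coeffs, p)
    higher_terms_vanish = all(c % p == 0 for c in power[1:])
    constant_matches = (power[0] - sum(coeffs)) % p == 0
    return higher_terms_vanish and constant_matches
```

The second check uses $a_i^p \equiv a_i \mod p$ (Fermat's little theorem), so the integer in the lemma may be taken to be $a_0 + \cdots + a_{p-2}$.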


Lemma 6.11 Let $\alpha = a_0 + a_1\zeta + \cdots + a_{p-1}\zeta^{p-1}$ with $a_i \in \mathbb{Z}$ and at least one $a_i = 0$. If
$\alpha$ is divisible by an integer $n$, i.e., if $\alpha \in n\mathbb{Z}[\zeta]$, then each $a_i$ is divisible by $n$.

PROOF. Since $1 + \zeta + \cdots + \zeta^{p-1} = 0$, every subset of $\{1, \zeta, \ldots, \zeta^{p-1}\}$ with $p - 1$ elements
will be a $\mathbb{Z}$-basis for $\mathbb{Z}[\zeta]$. The result is now obvious. □


We can now complete the proof of Theorem 6.8. Regard the equation

$$\prod_{i=0}^{p-1} (x + \zeta^i y) = (z)^p$$

as an equality of ideals in $\mathbb{Z}[\zeta]$. Since the factors on the left are relatively prime in pairs,
each one must be the $p$th power of an ideal, say

$$(x + \zeta^i y) = \mathfrak{a}_i^p$$

for some ideal $\mathfrak{a}_i$ in $\mathbb{Z}[\zeta]$. This equation implies that $\mathfrak{a}_i$ has order dividing $p$ in the class
group, but we are assuming that the class group of $\mathbb{Z}[\zeta]$ is of order prime to $p$, and so $\mathfrak{a}_i$
itself is principal, say $\mathfrak{a}_i = (\alpha_i)$.

Take $i = 1$, and omit the subscript on $\alpha_1$. Then we have that $x + \zeta y = u\alpha^p$ for some
unit $u$ in $\mathbb{Z}[\zeta]$. We apply (6.7) to write $u = \zeta^r v$ where $\bar{v} = v$. According to (6.10), there is
an $a \in \mathbb{Z}$ such that $\alpha^p \equiv a \mod p$. Therefore

$$x + \zeta y = \zeta^r v \alpha^p \equiv \zeta^r v a \mod p.$$

Also

$$x + \bar{\zeta} y = \zeta^{-r} v \bar{\alpha}^p \equiv \zeta^{-r} v a \mod p.$$

On combining these statements, we find that

$$\zeta^{-r}(x + \zeta y) \equiv \zeta^{r}(x + \zeta^{-1} y) \mod p,$$

or

$$x + \zeta y - \zeta^{2r} x - \zeta^{2r-1} y \equiv 0 \mod p. \qquad (16)$$

If $1, \zeta, \zeta^{2r-1}, \zeta^{2r}$ are distinct, then, because $p > 5$, Lemma 6.11 implies that $p$ divides $x$
and $y$, which is contrary to our original assumption. The only remaining possibilities are:

(a) $1 = \zeta^{2r}$; but then (16) says

$$\zeta y - \zeta^{-1} y \equiv 0 \mod p,$$

and Lemma 6.11 implies $p \mid y$, which contradicts our original assumption.

(b) $1 = \zeta^{2r-1}$; then $\zeta = \zeta^{2r}$, and (16) says

$$(x - y) - (x - y)\zeta \equiv 0 \mod p,$$

and Lemma 6.11 implies that $p \mid x - y$, which contradicts the choice of $x$ and $y$ made
at the start of the proof.

(c) $\zeta = \zeta^{2r-1}$; but then (16) says

$$x - \zeta^2 x \equiv 0 \mod p,$$

and Lemma 6.11 implies that $p \mid x$, which contradicts our original assumption.

This completes the proof.

Notes Everything in this section was known to Kummer, but in terms of “ideal numbers” rather 
than ideals. The methods of this section have not (so far) sufficed to prove Fermat’s last theorem but, 
as the reader may already be aware, other methods have. 


Exercises 

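6-1 Show that $X^3 - 3X + 1$ is an irreducible polynomial in $\mathbb{Q}[X]$ with three real roots. Let
$\alpha$ be one of them, and let $K = \mathbb{Q}[\alpha]$. Compute $\operatorname{disc}(\mathbb{Z}[\alpha]/\mathbb{Z})$, and deduce that

$$\mathcal{O}_K \supset \mathbb{Z}[\alpha] \supset 3^m \mathcal{O}_K$$

for some $m$. Show that $\alpha$ and $\alpha + 2$ are units in $\mathbb{Z}[\alpha]$ and $\mathcal{O}_K$, and that $(\alpha + 1)^3 = 3\alpha(\alpha + 2)$.
Deduce that $(\alpha + 1)$ is a prime ideal in $\mathcal{O}_K$, and show that $\mathcal{O}_K = \mathbb{Z}[\alpha] + (\alpha + 1)\mathcal{O}_K$. Use
this to show that $\mathcal{O}_K = \mathbb{Z}[\alpha]$. Show that $(2)$ is a prime ideal in $\mathcal{O}_K$, and deduce that $\mathcal{O}_K$ is a
principal ideal domain.

6-2 Show that the ring of integers in $\mathbb{Q}[\cos\frac{2\pi}{m}]$ is $\mathbb{Z}[2\cos\frac{2\pi}{m}]$.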
In this section, we define the notion of an absolute value (or multiplicative valuation) and
study the completions of number fields with respect to absolute values.


Absolute Values 

An absolute value or (multiplicative) valuation¹ on a field $K$ is a function $x \mapsto |x| \colon K \to \mathbb{R}$
such that

(a) $|x| > 0$ except that $|0| = 0$;

(b) $|xy| = |x||y|$;

(c) $|x + y| \le |x| + |y|$ (triangle inequality).

If the stronger condition

(c') $|x + y| \le \max\{|x|, |y|\}$

holds, then $|\ |$ is called a nonarchimedean absolute value.

Note that (a) and (b) imply that $|\ |$ is a homomorphism $K^\times \to \mathbb{R}_{>0}$ (multiplicative group
of positive real numbers). Since $\mathbb{R}_{>0}$ is torsion-free, $|\ |$ maps all roots of unity in $K^\times$ to 1.
In particular, $|-1| = 1$, and $|-x| = |x|$ for all $x$.

Example 7.1 (a) For any number field $K$, and embedding $\sigma \colon K \hookrightarrow \mathbb{C}$, we get an absolute
value on $K$ by putting $|a| = |\sigma a|$.

(b) Let $\operatorname{ord} \colon K^\times \to \mathbb{Z}$ be an (additive) discrete valuation, and let $e$ be a real number with
$e > 1$; then

$$|a| = (1/e)^{\operatorname{ord}(a)}, \quad a \ne 0, \qquad |0| = 0$$

is a nonarchimedean absolute value on $K$. For example, for any prime number $p$, we have
the $p$-adic absolute value $|\ |_p$ on $\mathbb{Q}$:

$$|a|_p = (1/e)^{\operatorname{ord}_p(a)}.$$

Usually we normalize this by taking $e = p$; thus

$$|a|_p = (1/p)^{\operatorname{ord}_p(a)} = \frac{1}{p^r} \quad \text{if } a = a_0 \cdot p^r \text{ with } \operatorname{ord}_p(a_0) = 0.$$

¹ Contrary to the assertions in mo45150, both terms are widely used. In fact, judging by the algebraic number
theory books on my bookshelf, “valuation” is the more common, but I’ve decided to use “absolute value” to 
conform with Bourbaki. 
Similarly, for any prime ideal $\mathfrak{p}$ in a number field $K$, we have a normalized $\mathfrak{p}$-adic absolute
value

$$|a|_{\mathfrak{p}} = (1/\mathbb{N}\mathfrak{p})^{\operatorname{ord}_{\mathfrak{p}}(a)}.$$

(c) On any field we can define the trivial absolute value: $|a| = 1$ for all $a \ne 0$. When $K$
is finite, there is no other (because all nonzero elements of a finite field are roots of 1).
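For readers who like to experiment, here is a minimal sketch of the normalized $p$-adic absolute value on $\mathbb{Q}$ using exact rational arithmetic. The function names `ord_p` and `abs_p` are ours; nothing here is specific to the notes beyond the defining formula $|a|_p = (1/p)^{\operatorname{ord}_p(a)}$.

```python
from fractions import Fraction


def ord_p(a, p):
    """Exponent of the prime p in the nonzero rational number a."""
    a = Fraction(a)
    if a == 0:
        raise ValueError("ord_p(0) is +infinity")
    num, den, r = a.numerator, a.denominator, 0
    while num % p == 0:      # powers of p in the numerator count positively
        num //= p
        r += 1
    while den % p == 0:      # powers of p in the denominator count negatively
        den //= p
        r -= 1
    return r


def abs_p(a, p):
    """Normalized p-adic absolute value |a|_p = (1/p)^ord_p(a), with |0|_p = 0."""
    a = Fraction(a)
    if a == 0:
        return Fraction(0)
    return Fraction(1, p) ** ord_p(a, p)
```

With these definitions one can spot-check conditions (b) and (c') on sample values, for instance with `x = Fraction(3, 4)` and `y = Fraction(5, 2)` at `p = 2`.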


Nonarchimedean absolute values 

Recall that this means that, instead of the triangle inequality, we have

$$|x + y| \le \max\{|x|, |y|\}.$$

By induction, this condition implies that

$$\left|\sum x_i\right| \le \max\{|x_i|\}. \qquad (17)$$

Proposition 7.2 An absolute value $|\ |$ is nonarchimedean if and only if it takes bounded
values on $\{m1 \mid m \in \mathbb{Z}\}$.

PROOF. If $|\ |$ is nonarchimedean, then, for $m > 0$,

$$|m1| = |1 + 1 + \cdots + 1| \le |1| = 1.$$

As we noted above, $|-1| = |1|$, and so $|-m1| = |m1| \le 1$.

Conversely, suppose $|m1| \le N$ for all $m$. Then

$$|x + y|^n = \left|\sum_r \binom{n}{r} x^r y^{n-r}\right| \le \sum_r \left|\binom{n}{r}\right| |x|^r |y|^{n-r}.$$

Clearly $|x|^r |y|^{n-r} \le \max\{|x|^n, |y|^n\} = \max\{|x|, |y|\}^n$ and $\binom{n}{r}$ is an integer, and so

$$|x + y|^n \le N(n + 1)\max\{|x|, |y|\}^n.$$

On taking $n$th roots we find that

$$|x + y| \le N^{1/n}(n + 1)^{1/n}\max\{|x|, |y|\}.$$

When we let $n \to \infty$, the terms involving $n$ tend to 1 (to see this, take logs). □

Corollary 7.3 If $\operatorname{char} K \ne 0$, then $K$ has only nonarchimedean absolute values.
Proof. In this case, the set $\{m \cdot 1 \mid m \in \mathbb{Z}\}$ is finite. □

Aside 7.4 Archimedes stated that for any two line segments, laying the shorter segment end-to-end 
a sufficient finite number of times will create a segment longer than the other. In other words, for 
any two nonzero positive real numbers $a$ and $b$, there is an $n \in \mathbb{N}$ such that $b < na$. The proposition
shows that the nonarchimedean absolute values are exactly those that don’t have this “archimedean 
property”. 

As we noted above, a discrete (additive) valuation ord on $K$ determines an absolute
value by

$$|x| = e^{-\operatorname{ord}(x)},$$

any $e > 1$. Taking logs gives $\log_e |x| = -\operatorname{ord}(x)$, or $\operatorname{ord}(x) = -\log_e |x|$. This suggests how
we might pass from multiplicative valuations to additive valuations.
Proposition 7.5 Let $|\ |$ be a nontrivial nonarchimedean absolute value, and put $v(x) =
-\log |x|$, $x \ne 0$ (log to base $e$ for any real $e > 1$). Then $v \colon K^\times \to \mathbb{R}$ satisfies the following
conditions:

(a) $v(xy) = v(x) + v(y)$;

(b) $v(x + y) \ge \min\{v(x), v(y)\}$.

If $v(K^\times)$ is discrete in $\mathbb{R}$, then $v$ is a multiple of a discrete valuation $\operatorname{ord} \colon K^\times \twoheadrightarrow \mathbb{Z} \subset \mathbb{R}$.

PROOF. That $v$ satisfies (a) and (b) is obvious. For the last statement, note that $v(K^\times)$
is a subgroup of $\mathbb{R}$ (under addition). If it is a discrete subgroup, then it is a lattice (by
4.15), which means that $v(K^\times) = \mathbb{Z}c$ for some $c$. Now $\operatorname{ord} = c^{-1} \cdot v$ is an additive discrete
valuation $K^\times \twoheadrightarrow \mathbb{Z}$. □

We shall say $|\ |$ is discrete when $|K^\times|$ is a discrete subgroup of $\mathbb{R}_{>0}$. Note that, even
when $|K^\times|$ is discrete in $\mathbb{R}$, $|K|$ usually won’t be, because 0 will be a limit point for the set
$|K^\times|$. For example, $|p^n|_p = p^{-n}$, which converges to 0 as $n \to \infty$.

Proposition 7.6 Let $|\ |$ be a nonarchimedean absolute value. Then

$A \overset{\text{def}}{=} \{a \in K \mid |a| \le 1\}$ is a subring of $K$, with

$U \overset{\text{def}}{=} \{a \in K \mid |a| = 1\}$ as its group of units, and

$\mathfrak{m} \overset{\text{def}}{=} \{a \in K \mid |a| < 1\}$ as its unique maximal ideal.

The absolute value $|\ |$ is discrete if and only if $\mathfrak{m}$ is principal, in which case $A$ is a discrete
valuation ring.

PROOF. The first assertion is obvious. If $|\ |$ is discrete, then $A$ and $\mathfrak{m}$ are the pair associated
(as in 3.27) with the additive valuation $-\log |\ |$, and so $A$ is a discrete valuation ring and $\mathfrak{m}$
is generated by any element $\pi \in K^\times$ such that $|\pi|$ is the largest element of $|K^\times|$ less than
one. Conversely, if $\mathfrak{m} = (\pi)$, then $|K^\times|$ is the subgroup of $\mathbb{R}_{>0}$ generated by $|\pi|$. □

Remark 7.7 There do exist nondiscrete nonarchimedean absolute values. For example, let
$\mathbb{Q}^{\mathrm{al}}$ be an algebraic closure of $\mathbb{Q}$. We shall see later that the $p$-adic absolute value $|\ |_p \colon \mathbb{Q} \to \mathbb{R}$
extends to $\mathbb{Q}^{\mathrm{al}}$ (in many different ways). Since $\mathbb{Q}^{\mathrm{al}}$ contains an element $p^{1/n}$ for all $n$, we
see that $|\mathbb{Q}^{\mathrm{al}\times}| \ni (p^{-1})^{1/n} = 1/\sqrt[n]{p}$ for all $n$, and $1/\sqrt[n]{p} \to 1$ as $n \to \infty$. In fact, one can
show that $|\mathbb{Q}^{\mathrm{al}\times}| = \{p^r \mid r \in \mathbb{Q}\}$, which is not discrete in $\mathbb{R}_{>0}$.


Equivalent absolute values 

Note that an absolute value $|\ |$ defines a metric on $K$, with distance function

$$d(a,b) = |a - b|,$$

and hence a topology on $K$: for $a \in K$, the sets

$$U(a,\varepsilon) = \{x \in K \mid |x - a| < \varepsilon\}, \qquad \varepsilon > 0,$$

form a fundamental system of open neighbourhoods of $a$. A set is open if and only if it is a
union of sets of the form $U(a,\varepsilon)$.

For example, for the topology on $\mathbb{Q}$ defined by $|\ |_p$, $a$ and $b$ are close if their difference
is divisible by a high power of $p$. In particular, the sequence

$$1, p, p^2, \ldots, p^n, \ldots$$

converges to 0.

The topology defined by the $p$-adic absolute value $|\ |_p$ is called the $p$-adic topology on
$K$.

Proposition 7.8 Let $|\ |_1$, $|\ |_2$ be absolute values on $K$, with $|\ |_1$ nontrivial. The following
conditions are equivalent:

(a) $|\ |_1$, $|\ |_2$ define the same topology on $K$;

(b) $|\alpha|_1 < 1 \implies |\alpha|_2 < 1$;

(c) $|\ |_2 = |\ |_1^a$ for some $a > 0$.

PROOF. (a) $\implies$ (b): Since $|\alpha^n| = |\alpha|^n$, clearly $\alpha^n \to 0$ if and only if $|\alpha| < 1$. Therefore (a)
implies that

$$|\alpha|_1 < 1 \iff |\alpha|_2 < 1.$$

(b) $\implies$ (c): Because $|\ |_1$ is nontrivial, there exists a $y \in K$ such that $|y|_1 > 1$. Let

$$a = \log|y|_2 / \log|y|_1,$$

so that

$$\log|y|_2 = a \cdot \log|y|_1,$$

or

$$|y|_2 = |y|_1^a.$$

Note that $a > 0$ by (b).

Now let $x$ be any nonzero element of $K$. There is a real number $b$ such that

$$|x|_1 = |y|_1^b.$$

To prove (c), it suffices to prove that

$$|x|_2 = |y|_2^b,$$

because then

$$|x|_2 = |y|_2^b = |y|_1^{ab} = |x|_1^a.$$

Let $m/n$, $n > 0$, be a rational number $> b$. Then

$$|x|_1 = |y|_1^b < |y|_1^{m/n}$$

and so

$$|x^n/y^m|_1 < 1.$$

From our assumption (b), this implies that

$$|x^n/y^m|_2 < 1$$

and so

$$|x|_2 < |y|_2^{m/n}.$$

This is true for all rational numbers $\frac{m}{n} > b$, and so

$$|x|_2 \le |y|_2^b.$$

A similar argument with rational numbers $\frac{m}{n} < b$ shows that

$$|x|_2 \ge |y|_2^b,$$

and so we have equality, which completes the proof of (c).

(c) $\implies$ (a): This is obvious.





7. Absolute Values; Local Fields 


Two absolute values are said to be equivalent if they satisfy the conditions of the 
proposition. 


Properties of discrete valuations 

We make some easy, but important, observations about discrete valuations. 

7.9 For an additive valuation, we are given that

$$\operatorname{ord}(a + b) \ge \min\{\operatorname{ord}(a), \operatorname{ord}(b)\}$$

and we checked (p55) that this implies that equality holds if $\operatorname{ord}(a) \ne \operatorname{ord}(b)$. For multiplicative
valuations, we are given that

$$|a + b| \le \max\{|a|, |b|\},$$

and a similar argument shows that equality holds if $|a| \ne |b|$. This has the following
consequences.

7.10 Recall that we define a metric on $K$ by setting $d(a,b) = |a - b|$. I claim that if $x$ is
closer to $b$ than it is to $a$, then $d(a,x) = d(a,b)$. For we are given that

$$|x - b| < |x - a|,$$

and this implies that

$$|b - a| = |b - x + x - a| = |x - a|.$$

7.11 Suppose

$$a_1 + a_2 + \cdots + a_n = 0.$$

Then an argument as on p65 shows that the maximum value of the summands must be
attained for at least two values of the subscript.


Complete list of absolute values for the rational numbers 

We now give a complete list of the absolute values on $\mathbb{Q}$ (up to equivalence). We write $|\ |_\infty$
for the absolute value on $\mathbb{Q}$ defined by the usual absolute value on $\mathbb{R}$, and we say that $|\ |_\infty$ is
normalized.

Theorem 7.12 (Ostrowski) Let $|\ |$ be a nontrivial absolute value on $\mathbb{Q}$.

(a) If $|\ |$ is archimedean, then $|\ |$ is equivalent to $|\ |_\infty$.

(b) If $|\ |$ is nonarchimedean, then it is equivalent to $|\ |_p$ for exactly one prime $p$.

PROOF. Let $m, n$ be integers $> 1$. Then we can write

$$m = a_0 + a_1 n + \cdots + a_r n^r$$

with the $a_i$ integers, $0 \le a_i < n$, $n^r \le m$. Let $N = \max\{1, |n|\}$. By the triangle inequality,

$$|m| \le \sum |a_i||n|^i \le \sum |a_i| N^r.$$

We know

$$r \le \log(m)/\log(n),$$

(log relative to some $e > 1$) and the triangle inequality shows that

$$|a_i| \le |1 + \cdots + 1| = a_i|1| = a_i \le n.$$

On putting these into the first inequality, we find that

$$|m| \le (1 + r)\,n\,N^r \le \left(1 + \frac{\log m}{\log n}\right) n\, N^{\frac{\log m}{\log n}}.$$

In this inequality, replace $m$ with $m^t$ ($t$ an integer), and take $t$th roots:

$$|m| \le \left(1 + \frac{t\log m}{\log n}\right)^{1/t} n^{1/t}\, N^{\frac{\log m}{\log n}}.$$

Now let $t \to \infty$. The terms involving $t$ tend to 1, and so

$$|m| \le N^{\frac{\log m}{\log n}}. \qquad (*)$$


Case (i): For all integers $n > 1$, $|n| > 1$.
In this case $N = |n|$, and (*) yields:

$$|m|^{1/\log m} \le |n|^{1/\log n}.$$

By symmetry, we must have equality, and so there is a $c > 1$ such that

$$c = |m|^{1/\log m} = |n|^{1/\log n}$$

for all integers $m, n > 1$. Hence

$$|n| = c^{\log n} = e^{\log c \log n} = n^{\log c}, \quad \text{all integers } n > 1.$$

Let $a = \log c$, and rewrite this

$$|n| = |n|_\infty^a, \quad \text{all integers } n > 1,$$

where $|\ |_\infty$ is the usual absolute value on $\mathbb{Q}$. Since both $|\ |$ and $|\ |_\infty^a$ are homomorphisms
$\mathbb{Q}^\times \to \mathbb{R}_{>0}$, the fact that they agree on a set of generators for the group $\mathbb{Q}^\times$ (the primes and
$-1$) implies that they agree on all of $\mathbb{Q}^\times$.

Case (ii): For some $n > 1$, $|n| \le 1$.

In this case, $N = 1$, and (*) implies $|m| \le 1$ for all integers $m$. Therefore the absolute
value is nonarchimedean. Let $A$ be the associated local ring and $\mathfrak{m}$ its maximal ideal. From
the definition of $A$, we know that $\mathbb{Z} \subset A$. Then $\mathfrak{m} \cap \mathbb{Z}$ is a prime ideal in $\mathbb{Z}$ (because $\mathfrak{m}$ is
a prime ideal), and it is nonzero for otherwise the absolute value would be trivial. Hence
$\mathfrak{m} \cap \mathbb{Z} = (p)$ for some $p$. This implies that $|m| = 1$ if $m$ is an integer not divisible by $p$, and
so $|np^r| = |p|^r$ if $n$ is a rational number whose numerator and denominator are not divisible
by $p$. If $a$ is such that $|p| = (1/p)^a$, then $|x| = |x|_p^a$ for all $x \in \mathbb{Q}$. □

Theorem 7.13 (Product Formula) For $p = 2, 3, 5, 7, \ldots, \infty$, let $|\ |_p$ be the corresponding
normalized absolute value on $\mathbb{Q}$. For any nonzero rational number $a$

$$\prod |a|_p = 1 \quad \text{(product over all } p \text{ including } \infty\text{)}.$$

PROOF. Let $\alpha = a/b$, $a, b \in \mathbb{Z}$. Then $|\alpha|_p = 1$ unless $p \mid a$ or $p \mid b$. Therefore $|\alpha|_v = 1$ for
all but finitely many $v$'s, and so the product is really finite.

Let $\pi(a) = \prod |a|_v$. Then $\pi$ is a homomorphism $\mathbb{Q}^\times \to \mathbb{R}^\times$, and so it suffices to show
that $\pi(-1) = 1$ and $\pi(p) = 1$ for each prime number $p$. The first is obvious, because
$|-1| = 1$ for all absolute values $|\ |$. For the second, note that

$$|p|_p = 1/p, \qquad |p|_q = 1, \ q \text{ a prime} \ne p, \qquad |p|_\infty = p.$$

The product of these numbers is 1. □
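The product formula for $\mathbb{Q}$ is easy to test on examples. The sketch below (helper names are ours) multiplies the usual absolute value by the normalized $p$-adic absolute values at the finitely many primes dividing the numerator or denominator; all other factors equal 1, as noted in the proof.

```python
from fractions import Fraction


def prime_divisors(n):
    """Set of primes dividing the positive integer n (trial division)."""
    primes, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            primes.add(d)
            n //= d
        d += 1
    if n > 1:
        primes.add(n)
    return primes


def abs_p(a, p):
    """Normalized p-adic absolute value of a nonzero rational a."""
    num, den, r = a.numerator, a.denominator, 0
    while num % p == 0:
        num //= p
        r += 1
    while den % p == 0:
        den //= p
        r -= 1
    return Fraction(1, p) ** r


def product_over_all_primes(a):
    """Product of |a|_p over p = 2, 3, 5, ..., infinity for nonzero rational a."""
    a = Fraction(a)
    if a == 0:
        raise ValueError("a must be nonzero")
    product = abs(a)  # the factor at infinity
    for p in prime_divisors(abs(a.numerator)) | prime_divisors(a.denominator):
        product *= abs_p(a, p)
    return product
```

For instance, `product_over_all_primes(Fraction(-12, 35))` multiplies $12/35$ by the factors at 2, 3, 5 and 7.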


The primes of a number field 

Let K be an algebraic number field. An equivalence class of absolute values on K is called 
a prime or place of K. 

Theorem 7.14 Let K be an algebraic number field. There exists exactly one prime of K 

(a) for each prime ideal p; 

(b) for each real embedding; 

(c) for each conjugate pair of complex embeddings. 

Proof. See Chapter 8. □ 

In each equivalence class of absolute values of $K$ we select a normalized absolute value²
as follows:

for a prime ideal $\mathfrak{p}$ of $\mathcal{O}_K$, $|a|_{\mathfrak{p}} = (1/\mathbb{N}\mathfrak{p})^{\operatorname{ord}_{\mathfrak{p}}(a)} = (\mathcal{O}_{\mathfrak{p}} : (a))^{-1}$;

for a real embedding $\sigma \colon K \hookrightarrow \mathbb{R}$, $|a| = |\sigma a|$;

for a nonreal complex embedding $\sigma \colon K \hookrightarrow \mathbb{C}$, $|a| = |\sigma a|^2$.

Note that this last is not actually an absolute value, because it doesn’t satisfy the triangle law.
There are various ways of getting around this problem, the best of which is simply to ignore
it.

Notations 

We generally write $v$ for a prime. If it corresponds to a prime ideal $\mathfrak{p}$ of $\mathcal{O}_K$, then we call it a
finite prime, and we write $\mathfrak{p}_v$ for the ideal. If it corresponds to a (real or nonreal) embedding
of $K$, then we call it an infinite (real or complex) prime. We write $|\ |_v$ for an absolute value in
the equivalence class. If $L \supset K$ and $w$ and $v$ are primes of $L$ and $K$ such that $|\ |_w$ restricted
to $K$ is equivalent to $|\ |_v$, then we say that $w$ divides $v$, or $w$ lies over $v$, and we write $w \mid v$.
For a finite prime, this means $\mathfrak{P}_w \cap \mathcal{O}_K = \mathfrak{p}_v$ or, equivalently, that $\mathfrak{P}_w$ divides $\mathfrak{p}_v \cdot \mathcal{O}_L$. For
an infinite prime, it means that $w$ corresponds to an embedding $\sigma \colon L \hookrightarrow \mathbb{C}$ that extends the
embedding corresponding to $v$ (or its complex conjugate).

Theorem 7.15 (Product Formula) For each prime $v$, let $|\ |_v$ be the normalized absolute
value. For every nonzero $\alpha \in K$,

$$\prod |\alpha|_v = 1 \quad \text{(product over all primes of } K\text{)}.$$

² These are the most natural definitions for which the product formula holds. Alternatively, let $K_v$ be the
completion of $K$ with respect to the absolute value $v$, and let $\mu$ be a Haar measure on $(K_v, +)$ (it is uniquely
determined up to a nonzero constant). For any nonzero $a \in K_v$, $\mu_a(U) \overset{\text{def}}{=} \mu(aU)$ is also a Haar measure on
$(K_v, +)$, and so $\mu_a = c(a)\mu$ for some constant $c(a)$. In fact, $c(a) = |a|$, the normalized absolute value of $a$.
PROOF. The product formula for a general number field follows from the product formula
for $\mathbb{Q}$ and the next result. □

Lemma 7.16 Let $L$ be a finite extension of a number field $K$.

(a) Each prime on $K$ extends to a finite number of primes of $L$.

(b) For every prime $v$ of $K$ and $\alpha \in L^\times$,

$$\prod_{w \mid v} |\alpha|_w = |\operatorname{Nm}_{L/K} \alpha|_v.$$

Proof. See Chapter 8. □

Remark 7.17 The product formula is true in two other important situations. 

(a) Let $K$ be a finite extension of $k(T)$ where $k$ is a finite field. According to (7.3),
the absolute values of $K$ are all discrete, and hence correspond to discrete valuation rings
in $K$. As in the number field case, we can normalize an absolute value by setting $|a|_v =
(1/\mathbb{N}v)^{\operatorname{ord}_v(a)}$ where $\mathbb{N}v$ is the number of elements in the residue field of the discrete
valuation ring and $\operatorname{ord}_v \colon K^\times \twoheadrightarrow \mathbb{Z}$. Then $\prod_v |a|_v = 1$. The proof of this is easy when
$K = k(T)$, and the general case is obtained by means of a result like (7.16).

(b) Let $K$ be a finite extension of $k(T)$ where $k$ is an algebraically closed field. In
this case we look only at primes that are trivial when restricted to $k$. All such primes are
nonarchimedean, and hence correspond to discrete valuations $\operatorname{ord}_v \colon K^\times \twoheadrightarrow \mathbb{Z}$. Fix an $e > 1$,
and define $|a|_v = (1/e)^{\operatorname{ord}_v(a)}$ for every $v$. Then $\prod |a|_v = 1$ for all $a \in K^\times$. This of course
is equivalent to the statement

$$\sum \operatorname{ord}_v(a) = 0.$$

For example, let $X$ be a compact Riemann surface, and let $K$ be the field of meromorphic
functions on $X$. For each point $P$ of $X$ we have a discrete valuation, defined by $\operatorname{ord}_P(f) = m$
or $-m$ according as $f$ has a zero or pole of order $m$ at $P$. The valuations $\operatorname{ord}_P$ are precisely
the valuations on $K$ trivial on $\mathbb{C} \subset K$, and so the product formula for $K$ is simply the
statement that $f$ has as many zeros as poles.

The proof of this runs as follows: the Cauchy integral formula implies that if $f$ is a
nonconstant meromorphic function on an open set $U$ in $\mathbb{C}$, and $\Gamma$ is the oriented boundary
of a compact set $C$ contained in $U$, then

$$\int_\Gamma \frac{f'(z)}{f(z)}\,dz = 2\pi i (Z - P)$$

where $Z$ is the number of zeros of $f$ in $C$ and $P$ is the number of poles of $f$, both counted
with multiplicities. This formula also holds for compact subsets of manifolds. If the manifold
$M$ is itself compact, then we can take $C = M$, which has no boundary, and so the formula
becomes

$$Z - P = 0,$$

i.e.,

$$\sum \operatorname{ord}_P(f) = 0, \qquad P \in M.$$
The weak approximation theorem

Recall that an absolute value on a field $K$ is a homomorphism $a \mapsto |a| \colon K^\times \to \mathbb{R}_{>0}$ such that
$|a + b| \le |a| + |b|$ for all $a, b \in K^\times$. We extend it to $K$ by setting $|0| = 0$. An absolute value
is trivial if $|a| = 1$ for all $a \ne 0$. Two nontrivial absolute values $|\cdot|_1$ and $|\cdot|_2$ are equivalent
if $|a|_1 < 1$ implies $|a|_2 < 1$, in which case $|\cdot|_2 = |\cdot|_1^r$ for some $r \in \mathbb{R}_{>0}$ (see 7.8). The
statements in this section continue to hold if we replace “absolute value” with “positive
power of an absolute value” (which, in the archimedean case, may fail to satisfy the triangle
rule).

Lemma 7.18 If $|\cdot|_1, |\cdot|_2, \ldots, |\cdot|_n$ are nontrivial inequivalent absolute values of $K$, then
there is an element $a \in K$ such that

$$|a|_1 > 1, \qquad |a|_i < 1, \quad i \ne 1.$$

PROOF. First let $n = 2$. Because $|\ |_1$ and $|\ |_2$ are inequivalent, there are elements $b$ and $c$
such that

$$|b|_1 < 1, \quad |b|_2 \ge 1,$$
$$|c|_1 \ge 1, \quad |c|_2 < 1.$$

Now $a = \frac{c}{b}$ has the required properties.

We proceed by induction assuming that the lemma is true for $n - 1$ absolute values.
There exist elements $b, c$ such that

$$|b|_1 > 1, \quad |b|_i < 1, \quad i = 2, 3, \ldots, n - 1,$$
$$|c|_1 > 1, \quad |c|_n < 1.$$

If $|b|_n < 1$, then $a = b$ works. If $|b|_n = 1$, then $a = cb^r$ works for sufficiently large $r$. If
$|b|_n > 1$, then $a = \frac{cb^r}{1 + b^r}$ works for sufficiently large $r$, because $\frac{b^r}{1 + b^r}$ converges to 0 or 1
according as $|b| < 1$ or $|b| > 1$. □


Lemma 7.19 In the situation of the last lemma, there exists an element of $K$ that is close
to 1 for $|\cdot|_1$ and close to 0 for $|\cdot|_i$, $i = 2, \ldots, n$.

PROOF. Choose $a$ as in (7.18), and consider $a_r = \frac{a^r}{1 + a^r}$. Then

$$|a_r - 1|_1 = \frac{1}{|1 + a^r|_1} \le \frac{1}{|a|_1^r - 1} \to 0$$

as $r \to \infty$. For $i \ge 2$,

$$|a_r|_i = \frac{|a|_i^r}{|1 + a^r|_i} \le \frac{|a|_i^r}{1 - |a|_i^r} \to 0$$

as $r \to \infty$. □
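The construction in the proof can be watched in a small case. In the sketch below we take $K = \mathbb{Q}$ with the 2-adic and 3-adic absolute values and the element $a = 3/2$, so that $|a|_2 = 2 > 1$ and $|a|_3 = 1/3 < 1$; these choices, and the helper names, are ours. The elements $a_r = a^r/(1 + a^r)$ then approach 1 for $|\cdot|_2$ and 0 for $|\cdot|_3$.

```python
from fractions import Fraction


def abs_p(a, p):
    """Normalized p-adic absolute value on Q (|0|_p = 0)."""
    a = Fraction(a)
    if a == 0:
        return Fraction(0)
    num, den, r = a.numerator, a.denominator, 0
    while num % p == 0:
        num //= p
        r += 1
    while den % p == 0:
        den //= p
        r -= 1
    return Fraction(1, p) ** r


def approximating_element(a, r):
    """The element a_r = a^r / (1 + a^r) used in the proof of Lemma 7.19."""
    a = Fraction(a)
    return a**r / (1 + a**r)


if __name__ == "__main__":
    a = Fraction(3, 2)
    for r in range(1, 6):
        a_r = approximating_element(a, r)
        # distance from 1 in the 2-adic metric, distance from 0 in the 3-adic metric
        print(r, abs_p(a_r - 1, 2), abs_p(a_r, 3))
```

In this example the two distances are exactly $2^{-r}$ and $3^{-r}$, since $2^r + 3^r$ is prime to both 2 and 3.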


Theorem 7.20 Let $|\cdot|_1, |\cdot|_2, \ldots, |\cdot|_n$ be nontrivial inequivalent absolute values of a
field $K$, and let $a_1, \ldots, a_n$ be elements of $K$. For every $\varepsilon > 0$, there is an element $a \in K$
such that $|a - a_i|_i < \varepsilon$ for all $i$.

PROOF. Choose $b_i$, $i = 1, \ldots, n$, close to 1 for $|\ |_i$ and close to 0 for $|\ |_j$, $j \ne i$. Then

$$a = a_1 b_1 + \cdots + a_n b_n$$

works. □
Let $K_i$ be the completion of $K$ for $|\cdot|_i$. The statement of the theorem also holds with
$a_i$ in $K_i$ (rather than $K$): choose $a_i' \in K$ very close to $a_i$ and $a \in K$ very close to each $a_i'$.
Thus $K$ (embedded diagonally) is dense in $\prod K_i$.

The theorem shows that there can be no finite product formula. More precisely:

Corollary 7.21 Let $|\cdot|_1, |\cdot|_2, \ldots, |\cdot|_n$ be nontrivial inequivalent absolute values on a
field $K$. If

$$|a|_1^{r_1} \cdots |a|_n^{r_n} = 1$$

for all $a \in K^\times$, then $r_i = 0$ for all $i$.

PROOF. If any $r_i \ne 0$, an $a$ for which $|a|_i$ is sufficiently large and the $|a|_j$, $j \ne i$, are
sufficiently small provides a contradiction. □


The reader should compare the Weak Approximation Theorem with what the Chinese 
Remainder Theorem gives (see Exercise 7-1). 

Notes The Weak Approximation Theorem first occurs in Artin and Whaples 1945.³ See also Artin
1959. Our account follows the original.


Completions 

Let $K$ be a field with a nontrivial absolute value. A sequence $(a_n)$ of elements in $K$ is called
a Cauchy sequence if, for every $\varepsilon > 0$, there is an $N$ such that

$$|a_n - a_m| < \varepsilon, \quad \text{all } m, n > N.$$

The field $K$ is said to be complete if every Cauchy sequence has a limit in $K$. (The limit is
necessarily unique.)

Example 7.22 Consider the sequence in $\mathbb{Z}$

$$4, 34, 334, 3334, \ldots.$$

As

$$|a_m - a_n|_5 = 5^{-n} \quad (m > n),$$

this is a Cauchy sequence for the 5-adic topology on $\mathbb{Q}$. Note that

$$3 \cdot 4 = 12, \quad 3 \cdot 34 = 102, \quad 3 \cdot 334 = 1002, \quad 3 \cdot 3334 = 10002, \ldots$$

and so $3 \cdot a_n - 2 \to 0$ as $n \to \infty$. Thus $\lim_{n \to \infty} a_n = 2/3 \in \mathbb{Q}$.
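The claims in this example are easy to confirm by machine. The following sketch (with our own helper names, and with the sequence indexed so that the first term 4 has index 1) checks that $3a_n - 2 = 10^n$ and that the 5-adic distance from $a_n$ to $2/3$ is exactly $5^{-n}$.

```python
from fractions import Fraction


def ord_p(a, p):
    """Exponent of the prime p in the nonzero rational number a."""
    a = Fraction(a)
    if a == 0:
        raise ValueError("ord_p(0) is +infinity")
    num, den, r = a.numerator, a.denominator, 0
    while num % p == 0:
        num //= p
        r += 1
    while den % p == 0:
        den //= p
        r -= 1
    return r


def term(n):
    """n-th term of 4, 34, 334, ...: (n - 1) threes followed by a four."""
    return int("3" * (n - 1) + "4")


if __name__ == "__main__":
    for n in range(1, 6):
        # ord_5(a_n - 2/3) = n means |a_n - 2/3|_5 = 5^(-n)
        print(n, term(n), 3 * term(n) - 2, ord_p(term(n) - Fraction(2, 3), 5))
```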


There is a similar notion of Cauchy series. For example, every series of the form

$$a_{-n}p^{-n} + \cdots + a_0 + a_1 p + \cdots + a_m p^m + \cdots, \qquad 0 \le a_i < p,$$

is a Cauchy series in $\mathbb{Q}$ for the $p$-adic topology.


³ Axiomatic characterization of fields by the product formula for valuations, Bull. AMS, 51, 1945, pp.
469-492.
Theorem 7.23 Let $K$ be a field with an absolute value $|\ |$. Then there exists a complete
valued field $(\hat{K}, |\ |)$ and a homomorphism $K \to \hat{K}$ preserving the absolute value that is
universal in the following sense: every homomorphism $K \to L$ from $K$ into a complete
valued field $(L, |\ |)$ preserving the absolute value, extends uniquely to a homomorphism
$\hat{K} \to L$.

Proof (Sketch) Every point of $\hat{K}$ will be the limit of a sequence of points in $K$, and the
sequence will be Cauchy. Two Cauchy sequences will converge to the same point in $\hat{K}$ if
and only if they are equivalent in the sense that

$$\lim_{n \to \infty} |a_n - b_n| = 0.$$

This suggests defining $\hat{K}$ to be the set of equivalence classes of Cauchy sequences in $K$.
Define addition and multiplication of Cauchy sequences in the obvious way, and verify
that $\hat{K}$ is a field. There is a canonical map $K \to \hat{K}$ sending $a$ to the constant Cauchy
sequence $a, a, a, \ldots$, which we use to identify $K$ with a subfield of $\hat{K}$. We can extend a
homomorphism from $K$ into a second complete valued field $L$ to $\hat{K}$ by mapping the limit of
a Cauchy sequence in $\hat{K}$ to its limit in $L$. □

Remark 7.24 (a) As usual, the pair $(K \to \hat{K}, |\ |)$ is uniquely determined up to a unique
isomorphism by the universal property (cf. GT 2.4).

(b) The image of $K$ in $\hat{K}$ is dense because the closure $\bar{K}$ of $K$ in $\hat{K}$ is complete, and
$(K \to \bar{K}, |\ |)$ has the same universal property as $(K \to \hat{K}, |\ |)$.

For a prime $v$ of $K$, we write $K_v$ for the completion of $K$ with respect to $v$. When
$v$ corresponds to a prime ideal $\mathfrak{p}$, we write $K_{\mathfrak{p}}$ for the completion, and $\hat{\mathcal{O}}_{\mathfrak{p}}$ for the ring of
integers in $K_{\mathfrak{p}}$. For example, $\mathbb{Q}_p$ is the completion of $\mathbb{Q}$ with respect to the $p$-adic absolute
value $|\ |_p$. We write $\mathbb{Z}_p$ (not $\hat{\mathbb{Z}}_p$) for the ring of integers in $\mathbb{Q}_p$ (the ring of $p$-adic integers).

Completions in the nonarchimedean case 

Let $|\ |$ be a discrete nonarchimedean absolute value on $K$, and let $\pi$ be an element of $K$ with
largest value $< 1$ (therefore $\pi$ generates the maximal ideal $\mathfrak{m}$ in the valuation ring $A$). Such
a $\pi$ is called a local uniformizing parameter.

The set of values is

$$|K| = \{c^m \mid m \in \mathbb{Z}\} \cup \{0\}, \qquad c = |\pi|.$$

Let $a \in \hat{K}^\times$, and let $a_n$ be a sequence in $K$ converging to $a$. Then $|a_n| \to |a|$ (because $|\ |$
is a continuous map), and so $|a|$ is a limit point for the set $|K^\times|$. But $|K^\times|$ is closed (being
discrete), and so $|a| \in |K^\times|$. Thus $|\hat{K}| = |K|$, and so $|\ |$ is a discrete absolute value on $\hat{K}$
also. Let $\operatorname{ord} \colon K^\times \twoheadrightarrow \mathbb{Z}$ be a normalized discrete additive valuation corresponding to $|\ |$; then
ord extends to a normalized discrete valuation on $\hat{K}$.

Note that if $a_n \to a \ne 0$, then $|a_n| \to |a| \ne 0$, and (because $|K^\times|$ is discrete), $|a_n| = |a|$
for all $n$ large enough.

The ring associated with $|\ |$ in $\hat{K}$ is

$$\hat{A} = \{a \in \hat{K} \mid |a| \le 1\}.$$

Clearly $\hat{A}$ is the set of limits of Cauchy sequences in $A$, and it is therefore the closure of $A$
in $\hat{K}$. The maximal ideal in $\hat{A}$ is

$$\hat{\mathfrak{m}} = \{a \in \hat{K} \mid |a| < 1\}.$$

Again it is the set of limits of Cauchy sequences in $\mathfrak{m}$, and so it is the closure of $\mathfrak{m}$. Similarly,
$\hat{\mathfrak{m}}^n$ is the closure of $\mathfrak{m}^n$. Let $\pi$ be an element with $\operatorname{ord}(\pi) = 1$; then $\pi$ generates $\mathfrak{m}$ in $A$ and
$\hat{\mathfrak{m}}$ in $\hat{A}$.

Lemma 7.25 For every $n \in \mathbb{N}$, the map $A/\mathfrak{m}^n \to \hat{A}/\hat{\mathfrak{m}}^n$ is an isomorphism.

Proof. Note that

$$\mathfrak{m}^n = \{a \in A \mid |a| \le |\pi|^n\} = \{a \in A \mid |a| < |\pi|^{n-1}\}$$

is both open and closed in $A$. Because it is closed, the map is injective; because $\hat{\mathfrak{m}}^n$ is open,
the map is surjective. □

Proposition 7.26 Choose a set $S$ of representatives for $A/\mathfrak{m}$, and let $\pi$ generate $\mathfrak{m}$. The
series

$$a_{-n}\pi^{-n} + \cdots + a_0 + a_1\pi + \cdots + a_m\pi^m + \cdots, \qquad a_i \in S$$

is a Cauchy series, and every Cauchy series is equivalent to exactly one of this form. Thus
each element of $\hat{K}$ has a unique representative of this form.

Proof. Let $s_M = \sum_{i=-n}^{M} a_i\pi^i$. Then

$$|s_M - s_N| \le |\pi|^{M+1}, \quad \text{if } M < N,$$

which shows that the sequence $s_M$ is Cauchy. Let $\alpha \in \hat{K}$. Because $|\hat{K}| = |K|$, we can
write $\alpha = \pi^n\alpha_0$ with $\alpha_0$ a unit in $\hat{A}$. From the definition of $S$, we see that there exists an
$a_0 \in S$ such that $\alpha_0 - a_0 \in \hat{\mathfrak{m}}$. Now $\frac{\alpha_0 - a_0}{\pi} \in \hat{A}$, and so there exists an $a_1 \in S$ such that
$\frac{\alpha_0 - a_0}{\pi} - a_1 \in \hat{\mathfrak{m}}$. Now there exists an $a_2$ such that $\frac{\alpha_0 - a_0 - a_1\pi}{\pi^2} - a_2 \in \hat{\mathfrak{m}}$, etc. In the limit,

$$\alpha_0 = a_0 + a_1\pi + \cdots, \qquad \alpha = \pi^n\alpha_0.$$

Note that

$$\left|\sum a_i\pi^i\right| = |\pi^m|$$

if $a_m$ is the first nonzero coefficient. Therefore $\sum a_i\pi^i = 0$ (if and) only if $a_i = 0$ for all $i$.
This proves the uniqueness. □

Thus, for example, every equivalence class of Cauchy sequences in $\mathbb{Q}$ for $|\ |_p$ has a
unique representative of the form

$$a_{-n}p^{-n} + \cdots + a_0 + a_1 p + a_2 p^2 + \cdots, \qquad 0 \le a_i < p.$$

Note that the partial sums of such a series are rational numbers. It is as easy to work with
such series as with decimal expansions of real numbers: just remember that high powers of $p$
are small, and hence the first to be ignored.

We explain this in more detail. The maps

$$\mathbb{Z}/(p^n) \to \mathbb{Z}_{(p)}/(p^n) \to \mathbb{Z}_p/(p^n)$$

are both bijective (see 3.10 for the first map). Let $\alpha \in \mathbb{Z}_p$. Because the map is bijective, for
all $n$, there is an $a_n \in \mathbb{Z}$ such that $\alpha \equiv a_n \mod p^n$. Note that, if $n < m$, $a_n \equiv a_m \mod p^n$,
which implies that $(a_n)$ is a Cauchy sequence. Let

$$a_n \equiv c_0 + c_1 p + \cdots + c_{n-1}p^{n-1} \mod p^n, \qquad 0 \le c_i \le p - 1;$$

then

$$\alpha = \sum_{i \ge 0} c_i p^i.$$

Conversely, if $\alpha = \sum c_i p^i$, $0 \le c_i \le p - 1$, then $c_0, c_1, \ldots$ is the unique sequence of integers,
$0 \le c_i \le p - 1$, such that

$$\alpha \equiv \sum_{i=0}^{n-1} c_i p^i \mod p^n.$$

If $\alpha \in \mathbb{Q}_p$ but not $\mathbb{Z}_p$, then $p^m\alpha \in \mathbb{Z}_p$ for a sufficiently large $m$, and the above arguments
can be applied to it.
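For a rational number that is a $p$-adic integer (denominator prime to $p$), the digits $c_0, c_1, \ldots$ can be computed one at a time: reduce modulo $p$, subtract, divide by $p$, and repeat. The sketch below does this with exact fractions; the function name is ours, and it relies on Python 3.8 or later for `pow(x, -1, p)` (modular inverse).

```python
from fractions import Fraction


def padic_digits(alpha, p, n):
    """First n digits c_0, ..., c_{n-1} of the p-adic expansion of a rational
    number alpha whose denominator is prime to p."""
    alpha = Fraction(alpha)
    if alpha.denominator % p == 0:
        raise ValueError("alpha is not a p-adic integer")
    digits = []
    for _ in range(n):
        # residue of alpha modulo p, as an integer in 0..p-1
        c = (alpha.numerator * pow(alpha.denominator, -1, p)) % p
        digits.append(c)
        alpha = (alpha - c) / p   # still a p-adic integer
    return digits
```

For instance, `padic_digits(-1, 2, 6)` gives six digits all equal to 1, in line with the expansion of $-1$ in $\mathbb{Q}_2$, and the digits of $2/3$ in $\mathbb{Z}_5$ begin 4, 1, 3, 1, 3.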

The following examples illustrate how to work with p-adic numbers. 

Example 7.27 In $\mathbb{Q}_2$,

$$1 + 2 + \cdots + 2^n + \cdots$$

converges to $-1$, because the sum of the first $n$ terms is

$$\frac{2^n - 1}{2 - 1} = 2^n - 1,$$

which converges to $-1$.

Example 7.28 I claim that $-1$ is a square in $\mathbb{Q}_5$. We have to find a series

$$a_0 + a_1 5 + a_2 5^2 + \cdots, \qquad a_i = 0, 1, 2, 3, \text{ or } 4$$

such that

$$(a_0 + a_1 5 + a_2 5^2 + \cdots)^2 + 1 = 0.$$

We first need that

$$a_0^2 + 1 \equiv 0 \mod 5.$$

Thus we must take $a_0 = 2$ or 3; we choose 2 (choosing 3 would lead to the other root). Next
we need

$$(2 + a_1 5)^2 + 1 \equiv 0 \mod 5^2,$$

and so we want

$$5 + 20a_1 \equiv 0 \pmod{5^2}.$$

We must take $a_1 = 1$. Suppose we have found

$$c_n = a_0 + a_1 5 + a_2 5^2 + \cdots + a_n 5^n$$

such that

$$c_n^2 + 1 \equiv 0 \pmod{5^{n+1}},$$

and consider $c_n + a_{n+1}5^{n+1}$. We want

$$(c_n + a_{n+1}5^{n+1})^2 + 1 \equiv 0 \pmod{5^{n+2}},$$

for which we need that

$$c_n^2 + 1 + 2c_n a_{n+1}5^{n+1} \equiv 0 \pmod{5^{n+2}},$$

or that

$$2c_n a_{n+1}5^{n+1} \equiv (-1 - c_n^2) \pmod{5^{n+2}},$$

or that

$$2c_n a_{n+1} \equiv (-1 - c_n^2)/5^{n+1} \pmod 5,$$

or that

$$4a_{n+1} \equiv (-1 - c_n^2)/5^{n+1} \pmod 5.$$

Since 4 is invertible modulo 5, we can always achieve this. Hence we obtain a series
converging to $\sqrt{-1}$. In fact,

$$\sqrt{-1} = \tfrac{1}{2}\sqrt{1 - 5} = \tfrac{1}{2}\sum_{n=0}^{\infty} (-1)^n \binom{1/2}{n} 5^n.$$
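The recursion in this example is short enough to run directly. The following sketch (the function name is ours) starts from $a_0 = 2$ and solves $4a_{n+1} \equiv (-1 - c_n^2)/5^{n+1} \pmod 5$ at each step, using the fact that 4 is its own inverse modulo 5.

```python
def sqrt_minus_one_in_Z5(n_digits):
    """Return (digits, c) where digits = [a_0, ..., a_{n_digits-1}] are the first
    5-adic digits of the square root of -1 congruent to 2 mod 5, and
    c = sum a_i 5^i satisfies c^2 + 1 = 0 mod 5^n_digits."""
    digits = [2]
    c = 2
    power = 5  # equals 5^(n+1) when c = c_n
    while len(digits) < n_digits:
        rhs = (-1 - c * c) // power      # exact, since 5^(n+1) divides c_n^2 + 1
        a_next = (4 * rhs) % 5           # 4 * 4 = 16 = 1 mod 5
        digits.append(a_next)
        c += a_next * power
        power *= 5
    return digits, c


if __name__ == "__main__":
    digits, c = sqrt_minus_one_in_Z5(8)
    print(digits, c, (c * c + 1) % 5**8)
```

The first two digits 2, 1 agree with the values of $a_0$ and $a_1$ found in the text; the later digits are simply what the recursion produces.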


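Example 7.29 We study the convergence of the power series

$$\exp(x) = 1 + x + \frac{x^2}{2!} + \cdots + \frac{x^n}{n!} + \cdots$$

in $\mathbb{Q}_p$. Write

$$n = a_0 + a_1 p + \cdots + a_r p^r, \qquad 0 \le a_i \le p - 1.$$

Then

$$\operatorname{ord}_p(n!) = \left[\frac{n}{p}\right] + \left[\frac{n}{p^2}\right] + \cdots + \left[\frac{n}{p^r}\right],$$

where here $[a]$ denotes the floor of $a$ (largest integer not exceeding $a$), and

$$\left[\frac{n}{p}\right] = a_1 + a_2 p + a_3 p^2 + \cdots + a_r p^{r-1}$$
$$\left[\frac{n}{p^2}\right] = a_2 + a_3 p + \cdots + a_r p^{r-2}$$
$$\cdots$$
$$\left[\frac{n}{p^r}\right] = a_r.$$

On summing these equalities, we find that

$$\operatorname{ord}_p(n!) = a_0\frac{p^0 - 1}{p - 1} + a_1\frac{p^1 - 1}{p - 1} + a_2\frac{p^2 - 1}{p - 1} + \cdots + a_r\frac{p^r - 1}{p - 1} = \frac{n - \sum a_i}{p - 1}.$$

Therefore

$$\operatorname{ord}_p\left(\frac{x^n}{n!}\right) = n\left(\operatorname{ord}_p(x) - \frac{1}{p - 1}\right) + \frac{\sum a_i}{p - 1}.$$

As $0 \le \frac{\sum a_i}{p - 1} \le r + 1 \le \frac{\log n}{\log p} + 1$ grows at most logarithmically in $n$, we see that $\frac{x^n}{n!} \to 0$ if and only if $\operatorname{ord}(x) > \frac{1}{p - 1}$. Therefore (see Exercise
7-2), the series $\exp(x)$ converges for $\operatorname{ord}(x) > \frac{1}{p - 1}$.

There is a leisurely, and very detailed, discussion of $\mathbb{Q}_p$ in the first chapter of Koblitz
1977.⁴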
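The formula $\operatorname{ord}_p(n!) = (n - \sum a_i)/(p - 1)$ obtained in Example 7.29 can be compared with a direct count of the powers of $p$ in $n!$. The sketch below does this for small $n$ and $p$; the helper names are ours.

```python
from math import factorial


def ord_p(n, p):
    """Exponent of the prime p in the positive integer n."""
    r = 0
    while n % p == 0:
        n //= p
        r += 1
    return r


def digit_sum(n, p):
    """Sum of the base-p digits a_0 + a_1 + ... + a_r of n."""
    s = 0
    while n:
        s += n % p
        n //= p
    return s


def ord_factorial(n, p):
    """ord_p(n!) computed from the base-p digits of n."""
    return (n - digit_sum(n, p)) // (p - 1)


if __name__ == "__main__":
    for n in (10, 25, 100):
        print(n, ord_p(factorial(n), 5), ord_factorial(n, 5))
```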

Aside 7.30 Those who have taken a course in commutative algebra will know another method of
completing a local ring $R$, namely

$$R' = \varprojlim R/\mathfrak{m}^n = \{(a_n) \mid a_n \in R/\mathfrak{m}^n, \ a_{n+1} \equiv a_n \mod \mathfrak{m}^n\}.$$

In the case that $R$ is a discrete valuation ring, this definition agrees with the above. There is an
injective homomorphism

$$R \hookrightarrow R', \qquad a \mapsto (a_n), \quad a_n = a \mod \pi^n.$$

We can define a homomorphism $R' \to \hat{R}$ as follows: let $(a_n) \in R'$, and choose a representative $a_n'$
for $a_n$ in $R$; then $(a_n')$ is a Cauchy sequence whose equivalence class is independent of the choices
of the $a_n'$, and we can map $(a_n)$ to $(a_n')$. It is easy to see that the map $R' \to \hat{R}$ is surjective, and it
follows that it is an isomorphism.


Newton’s lemma 

The argument in Example 7.28 works much more generally. Let $f(X) = X^2 + 1$. All we used was that $f(X)$ has a simple root modulo 5.

In the rest of this subsection, $A$ is a complete discrete valuation ring and $\pi$ generates its maximal ideal (unless we say otherwise).

Proposition 7.31 Let $f(X) \in A[X]$, and let $a_0$ be a simple root of $f(X) \bmod \pi$. Then there is a unique root $a$ of $f(X)$ with $a \equiv a_0 \bmod \pi$.

PROOF. We construct a Cauchy sequence $(a_n)_{n \ge 0}$ in $A$ whose limit $a$ is the required root. Suppose that we have an $a_n \in A$ such that $a_n \equiv a_0 \bmod \pi$ and

$$f(a_n) \equiv 0 \bmod \pi^{n+1}.$$

Let $a_{n+1} = a_n + h\pi^{n+1}$, $h \in A$. We want

$$f(a_n + h\pi^{n+1}) \equiv 0 \bmod \pi^{n+2}.$$

Recall (trivial Taylor's expansion) that, for any polynomial $f$,

$$f(c + t) = f(c) + t \cdot f'(c) + \cdots$$

where $f'(X)$ is the formal derivative of $f(X)$. Therefore

$$f(a_n + h\pi^{n+1}) = f(a_n) + h\pi^{n+1} \cdot f'(a_n) + \cdots,$$

which we want $\equiv 0 \bmod \pi^{n+2}$. Hence we must take $h$ so that

$$h = -\frac{f(a_n)}{\pi^{n+1}} \cdot f'(a_n)^{-1} \bmod \pi.$$

This is possible because $\pi^{n+1} \mid f(a_n)$ and

$$f'(a_n) \equiv f'(a_0) \bmod \pi,$$

which is nonzero, and hence invertible, modulo $\pi$. Now $(a_n)_{n \ge 0}$ is the required Cauchy sequence.

The root $a$ is unique, because, as the above proof demonstrates, $a \bmod \pi^n$ is uniquely determined for each $n$. □

4 Koblitz, Neal, p-adic numbers, p-adic analysis, and zeta-functions. Graduate Texts in Mathematics, Vol. 58. Springer-Verlag, New York-Heidelberg, 1977.
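The proof of Proposition 7.31 is constructive. The sketch below carries it out for $A = \mathbb{Z}_p$ and $\pi = p$, working modulo $p^k$ with ordinary integers. It is an illustration under those assumptions, not the author's code; the names `poly_eval`, `poly_deriv` and `hensel_lift_root` are hypothetical, and polynomials are given as coefficient lists with the constant term first.

```python
def poly_eval(coeffs, x, m):
    """Evaluate sum(coeffs[i] * x**i) modulo m (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % m
    return acc


def poly_deriv(coeffs):
    """Coefficients of the formal derivative."""
    return [i * c for i, c in enumerate(coeffs)][1:]


def hensel_lift_root(coeffs, a0, p, k):
    """Lift a simple root a0 of f mod p to the root of f mod p^k
    congruent to a0 mod p, following the proof step by step."""
    df = poly_deriv(coeffs)
    assert poly_eval(coeffs, a0, p) == 0, "a0 is not a root mod p"
    assert poly_eval(df, a0, p) != 0, "a0 is not a simple root mod p"
    # f'(a_n) = f'(a_0) mod p, so one inverse serves for every step
    inv = pow(poly_eval(df, a0, p), -1, p)
    a = a0 % p
    for n in range(k - 1):
        pn = p ** (n + 1)
        fa = poly_eval(coeffs, a, pn * p)  # f(a_n) mod p^(n+2)
        h = (-(fa // pn) * inv) % p        # h = -(f(a_n)/p^(n+1)) f'(a_n)^(-1)
        a += h * pn                        # a_{n+1} = a_n + h p^(n+1)
    return a


# The root of X^2 + 1 congruent to 2 mod 5, computed modulo 5^4.
r = hensel_lift_root([1, 0, 1], 2, 5, 4)
print(r, (r * r + 1) % 5 ** 4)
```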

There is a more general form of the proposition. First recall Newton's approximation⁵ method for finding a solution to $f(x) = 0$, where $f$ is a function of a real variable. Starting from an $a_0$ such that $f(a_0)$ is small, define a sequence $a_1, a_2, \ldots$ by putting

$$a_{n+1} = a_n - f(a_n)/f'(a_n).$$

Often $a_n$ converges to a root of $f(x)$. In the above proof, this is what we did, but the same argument can be made to work more generally.

Theorem 7.32 (Newton's lemma) Let $f(X) \in A[X]$. Let $a_0 \in A$ satisfy

$$|f(a_0)| < |f'(a_0)|^2.$$

Then there is a root $a$ of $f(X)$ in $A$ such that

$$|a - a_0| \le \left|\frac{f(a_0)}{f'(a_0)^2}\right|.$$

PROOF. Define a sequence $a_0, a_1, \ldots$ by setting

$$a_{n+1} = a_n - \frac{f(a_n)}{f'(a_n)}$$

and prove that it is a Cauchy sequence converging to a root of $f(X)$. See, for example, Lang 1970, II, §2, Proposition 2. □


There may be more than one root $a$ of $f(X)$ satisfying the condition in (7.32). In the 2-adic integers, let

$$f(X) = X^2 - 8X + 12 = (X-2)(X-6),$$

so $f'(X) = 2X - 8$. Let $a_0 = 10$, giving $f(a_0) = 32$, $f'(a_0) = 12$. Thus, $|f(a_0)/f'(a_0)^2| = 1/2$, and so $a_0$ satisfies the first condition. But now $|2 - a_0| = 1/8$ and $|6 - a_0| = 1/4$ are both less than 1/2, and so both roots are within the given radius of $a_0$. However, it is possible to show that there exists a root $a$ of $f(X)$ in $A$ such that

$$|a - a_0| \le \left|\frac{f(a_0)}{f'(a_0)}\right|$$

and that such an $a$ is unique (Cassels 1986, Chapt. 4, 3.1, 3.2).
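The 2-adic example can be checked numerically. The sketch below (an illustration only; `ord2`, `f`, `df` and `ords_to_2` are hypothetical names) runs the Newton iteration from $a_0 = 10$ with exact rational arithmetic and records $\mathrm{ord}_2(a_n - 2)$, so that growing values mean 2-adic convergence to the root 2, the root with $|a - a_0| \le |f(a_0)/f'(a_0)| = 1/8$.

```python
from fractions import Fraction


def ord2(x):
    """2-adic valuation of a nonzero rational number x."""
    x = Fraction(x)
    assert x != 0
    n, d, v = abs(x.numerator), x.denominator, 0
    while n % 2 == 0:
        n //= 2
        v += 1
    while d % 2 == 0:
        d //= 2
        v -= 1
    return v


def f(x):
    return x * x - 8 * x + 12


def df(x):
    return 2 * x - 8


a = Fraction(10)
ords_to_2 = []
for _ in range(4):
    ords_to_2.append(ord2(a - 2))  # distance to the root 2, as a valuation
    a = a - f(a) / df(a)           # Newton step a_{n+1} = a_n - f(a_n)/f'(a_n)

print(ords_to_2)
```

Since $|x| = 2^{-\mathrm{ord}_2(x)}$, the values $\mathrm{ord}_2(f(10)) = 5$ and $\mathrm{ord}_2(f'(10)) = 2$ give $|f(a_0)/f'(a_0)^2| = 2^{-1}$, in agreement with the text.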

Proposition 7.31 shows that a simple factor of degree 1 of $f(X) \bmod \pi$ lifts to a factor of $f(X)$. This generalizes.

5 When Newton found his interpolation formula in 1670, ancient Chinese mathematicians had been using the formula in more sophisticated forms for more than one millennium. He, Ji-Huan, Appl. Math. Comput. 152 (2004), no. 2, 367-371.

Theorem 7.33 (Hensel's lemma) Let $k$ be the residue field of $A$; for $f(X) \in A[X]$, write $\bar{f}(X)$ for the image of $f$ in $k[X]$. Consider a monic polynomial $f(X) \in A[X]$. If $\bar{f}(X)$ factors as $\bar{f} = g_0h_0$ with $g_0$ and $h_0$ monic and relatively prime (in $k[X]$), then $f$ itself factors as $f = gh$ with $g$ and $h$ monic and such that $\bar{g} = g_0$ and $\bar{h} = h_0$. Moreover, $g$ and $h$ are uniquely determined, and $(g, h) = A[X]$.

We first prove that $(g, h) = A[X]$ (such a pair is said to be strictly coprime; in $k[X]$ strictly coprime just means coprime, i.e., relatively prime).

Lemma 7.34 Let $A$ be a local ring with residue field $k$. If $f, g \in A[X]$ are such that $\bar{f}$ and $\bar{g}$ are relatively prime and $f$ is monic, then $(f, g) = A[X]$. More precisely, there exist $u, v \in A[X]$ with $\deg u < \deg g$ and $\deg v < \deg f$ such that

$$uf + vg = 1. \qquad (18)$$

PROOF. Let $M = A[X]/(f, g)$. As $f$ is monic, this is a finitely generated $A$-module. As $(\bar{f}, \bar{g}) = k[X]$, we have that $(f, g) + \mathfrak{m}A[X] = A[X]$ and so $\mathfrak{m}M = M$. Now Nakayama's Lemma (1.9) implies that $M = 0$.

This shows that there exist $u, v \in A[X]$ such that (18) holds. If $\deg v \ge \deg f$, write $v = fq + r$ with $\deg r < \deg f$. Then

$$(u + qg)f + rg = 1,$$

and $u + qg$ automatically has degree $< \deg g$. □

We next prove uniqueness of $g$ and $h$.

Lemma 7.35 Let $A$ be a local ring with residue field $k$. Suppose $f = gh = g'h'$ with $g, h, g', h'$ all monic, and $\bar{g} = \bar{g}'$, $\bar{h} = \bar{h}'$ with $\bar{g}$ and $\bar{h}$ relatively prime. Then $g = g'$ and $h = h'$.

PROOF. From the preceding lemma we know that $(g, h') = A[X]$, and so there exist $r, s \in A[X]$ such that $gr + h's = 1$. Now

$$g' = g'gr + g'h's = g'gr + ghs,$$

and so $g$ divides $g'$. As both are monic and have the same degree, they must be equal. □

Finally, we prove the existence of $g$ and $h$. We are given that there exist monic polynomials $g_0, h_0 \in A[X]$ such that

$$f - g_0h_0 \in \pi \cdot A[X].$$

Suppose we have constructed monic polynomials $g_n, h_n$ such that

$$f - g_nh_n \equiv 0 \bmod \pi^{n+1}A[X]$$

and $g_n \equiv g_0$, $h_n \equiv h_0 \bmod \pi A[X]$. We want to find $u, v \in A[X]$ with $\deg u < \deg g_0$ and $\deg v < \deg h_0$ such that

$$f - (g_n + \pi^{n+1}u)(h_n + \pi^{n+1}v) \equiv 0 \bmod \pi^{n+2}A[X],$$

i.e., such that

$$(f - g_nh_n) - \pi^{n+1}(uh_n + g_nv) \equiv 0 \bmod \pi^{n+2}A[X].$$

Thus we are looking for polynomials $u, v$ in $A[X]$ with $\deg u < \deg g_0$ and $\deg v < \deg h_0$ such that

$$uh_n + g_nv \equiv (f - g_nh_n)/\pi^{n+1} \bmod \pi A[X].$$

Because $g_0$ and $h_0$ are monic and relatively prime, Lemma 7.34 shows that such polynomials exist.
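The existence step can be illustrated for $A = \mathbb{Z}_p$, $\pi = p$. The sketch below is a toy version only: where the proof invokes Lemma 7.34 to produce $u$ and $v$, the code simply searches all candidates modulo $p$, which is feasible only for small $p$ and small degrees. The names `pmul`, `padd` and `hensel_step` are hypothetical; polynomials are coefficient lists with the constant term first, and both factors are assumed to have degree at least 1.

```python
from itertools import product


def pmul(a, b, m):
    """Product of two coefficient lists, reduced modulo m."""
    out = [0] * (len(a) + len(b) - 1)
    for i, x in enumerate(a):
        for j, y in enumerate(b):
            out[i + j] = (out[i + j] + x * y) % m
    return out


def padd(a, b, m):
    """Sum of two coefficient lists, reduced modulo m."""
    n = max(len(a), len(b))
    a = a + [0] * (n - len(a))
    b = b + [0] * (n - len(b))
    return [(x + y) % m for x, y in zip(a, b)]


def hensel_step(f, g, h, p, n):
    """Given monic g, h with f = g*h mod p^(n+1), return (g', h') with
    f = g'*h' mod p^(n+2), g' = g + p^(n+1) u and h' = h + p^(n+1) v."""
    pn, pn1 = p ** (n + 1), p ** (n + 2)
    gh = pmul(g, h, pn1)
    assert len(f) == len(gh)
    # c = (f - g h) / p^(n+1), reduced mod p; its top coefficient is 0
    c = [(((x - y) % pn1) // pn) % p for x, y in zip(f, gh)]
    dg, dh = len(g) - 1, len(h) - 1
    # brute-force search for u, v with deg u < deg g, deg v < deg h and
    # u h + g v = c (mod p); Lemma 7.34 guarantees a solution exists
    for cand in product(range(p), repeat=dg + dh):
        u, v = list(cand[:dg]), list(cand[dg:])
        if padd(pmul(u, h, p), pmul(g, v, p), p) == c[:-1]:
            return (padd(g, [pn * x for x in u], pn1),
                    padd(h, [pn * x for x in v], pn1))
    raise ValueError("no lift found; are g and h coprime mod p?")


# X^2 + 1 = (X + 3)(X + 2) mod 5; lift the factorization to mod 5^4.
f, g, h = [1, 0, 1], [3, 1], [2, 1]
for n in range(3):
    g, h = hensel_step(f, g, h, 5, n)
print(g, h, pmul(g, h, 5 ** 4))
```

A practical implementation would replace the search by the extended Euclidean algorithm in $k[X]$.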

Remark 7.36 An induction argument extends the theorem to show that a factorization of $\bar{f}$ into a product of relatively prime polynomials in $k[X]$ lifts to a factorization in $A[X]$. For example, in $\mathbb{F}_p[X]$, $X^p - X$ splits into $p$ distinct factors, and so it also splits in $\mathbb{Z}_p[X]$. Hence $\mathbb{Z}_p$ contains the $(p-1)$st roots of 1. More generally, if $K$ has a residue field $k$ with $q$ elements, then $K$ contains $q$ roots of the polynomial $X^q - X$. Let $S$ be the set of these roots. Then

$$a \mapsto \bar{a}\colon S \to k$$

is a bijection preserving multiplication (but not, of course, addition). The elements of $S$ are called the Teichmüller representatives for the elements of the residue field.
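For $K = \mathbb{Q}_p$ the Teichmüller representatives can be approximated modulo $p^k$ by repeated $p$-th powers: if $x \equiv y \bmod p^j$ then $x^p \equiv y^p \bmod p^{j+1}$, so $a^{p^{k-1}} \bmod p^k$ is the representative of $a \bmod p$ to that precision. The Python sketch below is an illustration of this standard fact, with the hypothetical name `teichmuller`; it is not taken from the notes.

```python
def teichmuller(a, p, k):
    """Teichmuller representative of (a mod p) in Z_p, modulo p^k."""
    m = p ** k
    w = a % m
    for _ in range(k - 1):
        w = pow(w, p, m)  # each p-th power gains one p-adic digit
    return w


p, k = 5, 4
m = p ** k
reps = {a: teichmuller(a, p, k) for a in range(p)}
for a, w in reps.items():
    assert w % p == a              # reduces to a in the residue field
    assert pow(w, p, m) == w       # is a root of X^p - X modulo p^k
# multiplication is preserved, addition is not
assert reps[2] * reps[3] % m == reps[(2 * 3) % p]
assert (reps[1] + reps[2]) % m != reps[3]
```

Here the representative of 2 is a square root of $-1$ modulo $5^4$, since 2 has order 4 in $\mathbb{F}_5^\times$.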

Remark 7.37 Theorems 7.32 and 7.33 are both stronger versions of 7.31. There is in fact a stronger version of 7.32. For a polynomial $h = \sum c_iX^i$, define

$$\|h\| = \max |c_i|.$$

Let

$$f(X) = a_nX^n + a_{n-1}X^{n-1} + \cdots + a_0 \in A[X]$$

have $|a_n| = 1$ (i.e., $a_n$ is a unit). Let $g_0(X)$ and $h_0(X)$ be polynomials in $A[X]$ with degrees $r$ and $s$ respectively, and suppose that

$$\|f(X) - g_0(X)h_0(X)\| < |\mathrm{Res}(g_0(X), h_0(X))|^2$$

where Res denotes the resultant. Then $f(X)$ factors in $A[X]$ as the product of a polynomial of degree $r$ and a polynomial of degree $s$. The proof follows the same general lines as the above proofs. In fact, the hypothesis can be replaced by

$$\|f(X) - g_0(X)h_0(X)\| < |\mathrm{disc}(f)|.$$

(For this, see Cassels 1986, p107.)

Note that this gives an algorithm for factoring polynomials in $\mathbb{Q}_p[X]$ (for example). Given $f(X)$, compute $\mathrm{disc}(f)$. If this is zero, then $f$ and $f'$ have a common factor, which we can find by the Euclidean algorithm. Otherwise $\mathrm{ord}(\mathrm{disc}(f)) = m$ for some $m$, and it is enough to consider factorizations of $f$ into polynomials with coefficients in the finite ring $\mathbb{Z}/p^m\mathbb{Z}$. Apparently the fastest algorithms for factoring polynomials in $\mathbb{Z}[X]$ begin by factoring in $\mathbb{Z}_p[X]$ for an appropriate prime $p$; computers seem to have no problem handling polynomials of degree 200. (But Exercise 7-6 shows that there exist irreducible polynomials in $\mathbb{Z}[X]$ of arbitrarily large degree that factor in all the rings $\mathbb{Z}_p[X]$ into polynomials of low degree.)

Extensions of nonarchimedean absolute values

We explain how to extend an absolute value to a larger field.

Theorem 7.38 Let $K$ be complete with respect to a discrete absolute value $|\ |_K$, and let $L$ be a finite separable extension of $K$ of degree $n$. Then $|\ |_K$ extends uniquely to a discrete absolute value $|\ |_L$ on $L$, and $L$ is complete for the extended absolute value. For all $\beta \in L$,

$$|\beta|_L = |\mathrm{Nm}_{L/K}\beta|_K^{1/n}.$$

PROOF. Let $A$ be the discrete valuation ring in $K$, and let $B$ be its integral closure in $L$. Let $\mathfrak{p}$ be the maximal ideal of $A$. We know from (3.29) that $B$ is a Dedekind domain, and the absolute values of $L$ extending $|\ |_{\mathfrak{p}}$ correspond to the ideals of $B$ lying over $\mathfrak{p}$.

Suppose that there are distinct prime ideals $\mathfrak{P}_1$ and $\mathfrak{P}_2$ in $B$ dividing $\mathfrak{p}$. There will be a $\beta \in B$ such that $\mathfrak{P}_1 \cap A[\beta] \ne \mathfrak{P}_2 \cap A[\beta]$; for example, choose $\beta \in B$ such that $\beta \in \mathfrak{P}_1$, $\beta \notin \mathfrak{P}_2$. Let $f(X)$ be the minimum polynomial of $\beta$ over $K$, so that $A[\beta] \simeq A[X]/(f(X))$. Because $f(X)$ is irreducible in $A[X]$ and $A$ is complete, Hensel's lemma shows that $\bar{f}(X)$ (image of $f(X)$ in $k[X]$, $k = A/\mathfrak{p}$) must be a power of an irreducible polynomial. Then

$$A[\beta]/\mathfrak{p}A[\beta] \simeq k[X]/(\bar{f}(X))$$

is a local ring, which contradicts the fact that $A[\beta]$ has two prime ideals containing $\mathfrak{p}$.

Hence $|\ |_{\mathfrak{p}}$ extends uniquely to an absolute value $|\ |_L$ on $L$. Similarly, $|\ |_{\mathfrak{p}}$ also extends uniquely to an absolute value $|\ |_{L'}$ on a Galois closure $L'$ of $L$.

For each $\sigma \in \mathrm{Gal}(L'/K)$, consider the map $L \to \mathbb{R}$, $\beta \mapsto |\sigma\beta|_{L'}$. This is again an absolute value on $L$, and so the uniqueness implies that $|\beta|_L = |\sigma\beta|_{L'}$. Now

$$|\mathrm{Nm}(\beta)|_K = \left|\prod \sigma\beta\right|_{L'} = |\beta|_L^n$$

which implies the formula.

Finally, we have to show that $L$ is complete. Let $e_1, \ldots, e_n$ be a basis for $B$ as an $A$-module, and let $(\alpha(m))$ be a Cauchy sequence in $L$. Write $\alpha(m) = a_1(m)e_1 + \cdots + a_n(m)e_n$, with $a_i(m) \in K$. For each $i$, $a_i(m)$ is a Cauchy sequence, and if $a_i$ denotes its limit, then $\alpha \overset{\text{def}}{=} a_1e_1 + \cdots + a_ne_n$ is the limit of the sequence $\alpha(m)$. □
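In additive form, the formula of Theorem 7.38 says that the extension of $\mathrm{ord}_K$ to $L$ is $\beta \mapsto \mathrm{ord}_K(\mathrm{Nm}_{L/K}\beta)/n$. The sketch below evaluates this for a quadratic extension $\mathbb{Q}_p(\sqrt{d})$ with rational inputs. It is an illustration only: the names `ord_p` and `ord_quadratic` are hypothetical, and the code assumes without checking that $d$ is not a square in $\mathbb{Q}_p$.

```python
from fractions import Fraction


def ord_p(x, p):
    """p-adic valuation of a nonzero rational number x."""
    x = Fraction(x)
    assert x != 0
    n, d, v = abs(x.numerator), x.denominator, 0
    while n % p == 0:
        n //= p
        v += 1
    while d % p == 0:
        d //= p
        v -= 1
    return v


def ord_quadratic(a, b, d, p):
    """Valuation of a + b*sqrt(d) in Q_p(sqrt(d)), extending ord_p.
    Assumes d is a non-square in Q_p, so that the degree is n = 2 and
    Nm(a + b*sqrt(d)) = a^2 - d*b^2."""
    norm = Fraction(a) ** 2 - d * Fraction(b) ** 2
    return Fraction(ord_p(norm, p), 2)


# In Q_2(sqrt(2)): sqrt(2) has valuation 1/2, so the extension is ramified.
print(ord_quadratic(0, 1, 2, 2), ord_quadratic(2, 0, 2, 2))
```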

Remark 7.39 It is obvious from the criterion (7.2) that a nonarchimedean absolute value can only extend to a nonarchimedean absolute value. It is possible to prove (7.38) without assuming that the absolute value $|\ |$ on $K$ is discrete or even nonarchimedean, but the proof is then completely different, and much longer; we shall in fact need this in Chapter 8, and so I should have included it. The formula $|\beta|_L = |\mathrm{Nm}_{L/K}\beta|_K^{1/n}$ shows that $|\ |_L$ is discrete if and only if $|\ |_K$ is discrete.

Corollary 7.40 Let $K$ be as in the theorem, and let $\Omega$ be a (possibly infinite) separable algebraic extension of $K$. Then $|\ |_K$ extends in a unique way to an absolute value $|\ |_\Omega$ on $\Omega$.

PROOF. The theorem shows that $|\ |_K$ extends in a unique way to every finite subextension of $\Omega$, and hence it extends uniquely to $\Omega$. □

Remark 7.41 In the last corollary, the extended absolute value is still nonarchimedean, but it need not be discrete, and $\Omega$ need not be complete. However, the completion of $\Omega$ is again algebraically closed.

For example, as we noted in (7.6), the absolute value on the algebraic closure $\mathbb{Q}_p^{\mathrm{al}}$ of $\mathbb{Q}_p$ is not discrete, and Exercise 7-7 shows that $\mathbb{Q}_p^{\mathrm{al}}$ is not complete. The completion of $\mathbb{Q}_p^{\mathrm{al}}$ is often denoted $\mathbb{C}_p$ because it plays the same role for the $p$-adic absolute value on $\mathbb{Q}$ that $\mathbb{C}$ plays for the real absolute value. (In fact $\mathbb{C}_p \approx \mathbb{C}$ as abstract fields because they are both algebraically closed, and they both have a transcendence basis with cardinality equal to that of $\mathbb{R}$. The isomorphism is as far from being canonical as it is possible to get; its construction requires the axiom of choice.)

Corollary 7.42 Let $K$ and $L$ be as in the theorem; then $n = ef$ where $n = [L : K]$, $e$ is the ramification index, and $f$ is the degree of the residue field extension.

PROOF. We know from (3.34) that $n = \sum e_if_i$. In this case, there is only one prime dividing $\mathfrak{p}$ and so the formula becomes $n = ef$. □

When $e = n$, so that $\mathfrak{p}B = \mathfrak{P}^n$, we say that $L$ is totally ramified over $K$; when $f = n$, we say that $L$ is unramified over $K$.

Note that the valuation ring $B$ of $L$ is the integral closure of the valuation ring $A$ of $K$.
Many of the results proved above for complete discrete valuation rings hold also for Henselian local rings (see §4 of my notes Lectures on Etale Cohomology).

Remark 7.43 Let $K$ be complete with respect to a discrete valuation, and let $L$ be a finite extension of $K$. Let $\mathfrak{p}$ and $\mathfrak{P}$ be the maximal ideals in the rings of integers $A$ and $B$ of $K$ and $L$. Then $\mathfrak{p}B = \mathfrak{P}^e$ where $e$ is the ramification index. Let $\pi$ and $\Pi$ be generators of $\mathfrak{p}$ and $\mathfrak{P}$. The normalized valuations $\mathrm{ord}_K$ and $\mathrm{ord}_L$ on $K$ and $L$ are characterized by equations:

$$\mathrm{ord}_K(\pi) = 1, \quad \mathrm{ord}_L(\Pi) = 1.$$

Note that $\pi = \Pi^e \times \text{unit}$, and so

$$\mathrm{ord}_K = e^{-1}\,\mathrm{ord}_L.$$

If we denote the extension of $\mathrm{ord}_K$ to $L$ by ord, then

$$\mathrm{ord}(L^\times) = e^{-1}\mathbb{Z}.$$

This characterizes the ramification index.


Newton’s polygon 

Let $K$ be complete with respect to a discrete absolute value. Let ord be the corresponding additive valuation $\mathrm{ord}\colon K^\times \twoheadrightarrow \mathbb{Z}$, and extend ord to a valuation $\mathrm{ord}\colon K^{\mathrm{al}\times} \to \mathbb{Q}$. For a polynomial

$$f(X) = a_0X^n + a_1X^{n-1} + \cdots + a_n, \quad a_i \in K, \quad a_0 = 1,$$

define the Newton polygon⁶ ⁷ of $f(X)$ to be the lower convex hull of the set of points

$$P_i = (i, \mathrm{ord}(a_i)), \quad i = 0, \ldots, n.$$

In more detail, rotate the negative $y$-axis counter-clockwise about $P_0 = (0,0)$ until it hits a $P_i$; the first segment of the Newton polygon is the line $P_0P_{i_1}$, where $P_{i_1}$ is the point furthest from $P_0$ on the rotated $y$-axis. Repeat the process rotating about $P_{i_1}$, etc. The resulting polygon starts at $P_0$ and ends at $P_n$; each of its segments begins and ends at a $P_i$; each $P_i$ either lies on the polygon or is above it; any line joining two points of the polygon has no point that is below the polygon (this is what we mean by the Newton polygon being lower convex).

Proposition 7.44 Assume that $K$ has characteristic zero. Suppose that the Newton polygon of $f(X) \in K[X]$ has segments of $x$-length $n_i$ and slope $s_i$. Then $f(X)$ has exactly $n_i$ roots $\alpha$ (in $K^{\mathrm{al}}$) with

$$\mathrm{ord}(\alpha) = s_i.$$

Moreover, the polynomial $f_i(X) = \prod_{\mathrm{ord}(\alpha_j) = s_i}(X - \alpha_j)$ has coefficients in $K$.

PROOF. In proving the first part, we don't have to assume that $f(X)$ has coefficients in $K$; any finite extension of $K$ will do. Thus it suffices to prove the following statement: let $f(X) = \prod(X - \alpha_j)$; if exactly $n_i$ of the $\alpha_j$'s have ord equal to $s_i$, then the Newton polygon of $f(X)$ has a segment of slope $s_i$ and $x$-length $n_i$.

We prove this by induction on $n = \deg(f)$. If $n = 1$, then it is obvious. Assume it for $n$, and put

$$g(X) = (X - \alpha)f(X) = X^{n+1} + b_1X^n + b_2X^{n-1} + \cdots + b_{n+1}.$$

Note that $b_i = a_i - \alpha a_{i-1}$.

Case (i). $\mathrm{ord}(\alpha) < s_1$. Recall $\mathrm{ord}(a + b) \ge \min\{\mathrm{ord}(a), \mathrm{ord}(b)\}$, with equality if $\mathrm{ord}(a) \ne \mathrm{ord}(b)$. Using this, one finds that the Newton polygon of $g$ is obtained from that of $f$ by adding a segment of slope $\mathrm{ord}(\alpha)$ and $x$-length 1, and moving the Newton polygon of $f$ to start at $(1, \mathrm{ord}(\alpha))$. This is what the proposition predicts.

Case (ii). $\mathrm{ord}(\alpha) = s_1$. In this case, the initial segment of slope $s_1$ is lengthened by 1, and the rest of the polygon is as before. This is what the proposition predicts.

The remaining cases are similar.

We now prove the second statement. Let $\alpha$ be a root of $f(X)$, and let $m_\alpha(X)$ be the minimum polynomial of $\alpha$. As we saw in the proof of (7.38), $\mathrm{ord}(\alpha') = \mathrm{ord}(\alpha)$ for all conjugates $\alpha'$ of $\alpha$, i.e., for all roots of $m_\alpha(X)$. Because $f(\alpha) = 0$, $m_\alpha(X) \mid f(X)$, and the remark just made implies that in fact $m_\alpha(X) \mid f_i(X)$ where $s_i = \mathrm{ord}(\alpha)$. If $\beta$ is a root of $f_i(X)/m_\alpha(X)$, then a similar argument shows that $m_\beta(X) \mid (f_i/m_\alpha)$. Continuing in this way, we find that $f_i(X)$ is a product of polynomials with coefficients in $K$. □


6 Most people write the polynomial $a_0 + a_1X + \cdots + X^n$ when they define Newton polygons. This is slightly less convenient than the way I do it, but allows you to define the Newton polygon of a power series.

7 See mo15703 for an explanation of what Newton did.

Example 7.45 Consider the polynomial⁸

$$f(X) = X^3 + X^2 + 2X - 8.$$

By testing $\pm 1, \pm 2, \pm 4, \pm 8$ (actually, by asking PARI) one sees that this polynomial is irreducible over $\mathbb{Q}$. The Newton polygon of $f$ relative to $\mathrm{ord}_2$ has slopes 0, 1, 2, each with $x$-length 1. Therefore $f$ splits in $\mathbb{Q}_2[X]$, and it has roots $\alpha_1, \alpha_2, \alpha_3$ with ords 0, 1, 2.
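The slopes in Example 7.45 can be recomputed mechanically. The sketch below builds the lower convex hull of the points $(i, \mathrm{ord}_p(a_i))$ for a polynomial with integer coefficients, written leading coefficient first as in the definition above. It is an illustration only; the names `ord_p` and `newton_polygon` are hypothetical, and zero coefficients (whose ord is infinite) are simply skipped.

```python
from fractions import Fraction


def ord_p(n, p):
    """p-adic valuation of a nonzero integer n."""
    n, v = abs(n), 0
    while n % p == 0:
        n //= p
        v += 1
    return v


def newton_polygon(coeffs, p):
    """coeffs = [a_0, a_1, ..., a_n] for a_0 X^n + a_1 X^(n-1) + ... + a_n.
    Returns the segments of the Newton polygon as (slope, x_length) pairs."""
    pts = [(i, ord_p(a, p)) for i, a in enumerate(coeffs) if a != 0]
    hull = []
    for x, y in pts:
        while len(hull) >= 2:
            (x1, y1), (x2, y2) = hull[-2], hull[-1]
            # drop the middle point if it lies on or above the chord
            # joining hull[-2] to the new point
            if (y2 - y1) * (x - x1) >= (y - y1) * (x2 - x1):
                hull.pop()
            else:
                break
        hull.append((x, y))
    return [(Fraction(y2 - y1, x2 - x1), x2 - x1)
            for (x1, y1), (x2, y2) in zip(hull, hull[1:])]


# f(X) = X^3 + X^2 + 2X - 8 relative to ord_2
print(newton_polygon([1, 1, 2, -8], 2))
```

By Proposition 7.44, each pair (slope, length) says how many roots have that ord.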


Locally compact fields 

We now look at the compactness properties of our fields. 

Proposition 7.46 Let $K$ be complete with respect to a nonarchimedean discrete absolute value. Let $A$ be the ring of integers in $K$ and let $\mathfrak{m}$ be the maximal ideal in $A$. Then $A$ is compact if and only if $A/\mathfrak{m}$ is finite.

PROOF. Let $S$ be a set of representatives for $A/\mathfrak{m}$. We have to show that $A$ is compact if and only if $S$ is finite.

$\Rightarrow$: Clearly $\mathfrak{m} = \{x \in K \mid |x| < 1\}$ is open in $K$. As $A$ is the disjoint union of the open sets $s + \mathfrak{m}$, $s \in S$, $S$ must be finite if $A$ is compact.

$\Leftarrow$: Recall that a metric space $X$ is compact if and only if it is complete and totally bounded (this means that for any $r > 0$, there is a finite covering of $X$ by open balls of radius $r$). But every element of $A$ can be written

$$s_0 + s_1\pi + s_2\pi^2 + \cdots + s_n\pi^n + \cdots, \quad s_i \in S.$$

For a fixed $n$, there are only finitely many sums

$$s_0 + s_1\pi + s_2\pi^2 + \cdots + s_n\pi^n, \quad s_i \in S,$$

and every element of $A$ is within $|\pi^{n+1}|$ of such an element. □

Corollary 7.47 Assume that the residue field is finite. Then $\mathfrak{p}^n$, $1 + \mathfrak{p}^n$, and $A^\times$ are all compact.

PROOF. They are all closed subsets of $A$. □

Definition 7.48 A local field is a field K with a nontrivial absolute value | | (as defined 
at the start of this section) such that K is locally compact (and hence complete). 


Remark 7.49 It is possible to give a complete classification of local fields.

(a) Let $K$ be a field that is complete with respect to an archimedean absolute value $|\ |$; then $K$ is isomorphic to $\mathbb{R}$ or $\mathbb{C}$, and the absolute value is equivalent to the usual absolute value (also a theorem of Ostrowski).⁹ Thus for archimedean absolute values, completeness implies local compactness.

(b) A nonarchimedean local field $K$ of characteristic zero is isomorphic to a finite extension of $\mathbb{Q}_p$, and the absolute value is equivalent to the (unique) extension of the $p$-adic absolute value. (To prove this, note that, by assumption, $K$ contains $\mathbb{Q}$. The restriction of $|\ |$ to $\mathbb{Q}$ can't be the trivial absolute value, because otherwise $A^\times$ wouldn't be compact. Therefore (see 7.12) $|\ |$ induces an absolute value on $\mathbb{Q}$ equivalent to the $p$-adic absolute value for some prime number $p$. The closure of $\mathbb{Q}$ in $K$ is therefore $\mathbb{Q}_p$. If $K$ has infinite degree over $\mathbb{Q}_p$, it will not be locally compact.)

(c) A nonarchimedean local field $K$ of characteristic $p \ne 0$ is isomorphic to the field of formal Laurent series $k((T))$ over a finite field $k$. The field $k((T))$ is the completion of $k(T)$ for the absolute value defined by the ideal $(T) \subset k[T]$; it consists of finite-tailed formal power series:

$$\sum_{i \ge -n}^{\infty} a_iT^i.$$

8 Keith Conrad suggests changing the polynomial to $X^3 - X^2 - 2X - 8$. As he writes: The roots of this are the negatives of the roots of $X^3 + X^2 + 2X - 8$, so you don't lose anything but you do gain simplicity of appearance: having all signs past the leading term equal makes it easier to remember what the polynomial is! Perhaps Dedekind himself even used the choice with all negative coefficients; I haven't looked up his paper to be sure, but I did check in Hensel's 1894 Crelle paper on extraordinary prime factors of the discriminant that he wrote the polynomial as $X^3 - X^2 - 2X - 8$.

Unramified extensions of a local field 

Again $K$ is a field complete with respect to a discrete absolute value $|\ |$. To avoid problems with separability, we assume that $K$ and the residue field $k$ are both perfect¹⁰; of course in the case we are particularly interested in, $K$ has characteristic zero and $k$ is finite. Let $A$ be the discrete valuation ring in $K$ corresponding to $|\ |$.

If $L$ is an algebraic (possibly infinite) extension of $K$, we can still define

$$B = \{\alpha \in L \mid |\alpha| \le 1\}$$

$$\mathfrak{p} = \{\alpha \in B \mid |\alpha| < 1\}$$

and call $B/\mathfrak{p}$ the residue field of $L$.

Proposition 7.50 Let $L$ be an algebraic extension of $K$, and let $l$ be the residue field of $L$. The map $K' \mapsto k'$ sending an unramified extension $K'$ of $K$ contained in $L$ to its residue field $k'$ is a one-to-one correspondence between the sets

$$\{K' \subset L, \text{ finite and unramified over } K\} \leftrightarrow \{k' \subset l, \text{ finite over } k\}.$$

Moreover:

(a) if $K' \leftrightarrow k'$ and $K'' \leftrightarrow k''$, then $K' \subset K'' \iff k' \subset k''$;

(b) if $K' \leftrightarrow k'$, then $K'$ is Galois over $K$ if and only if $k'$ is Galois over $k$, in which case there is a canonical isomorphism

$$\mathrm{Gal}(K'/K) \to \mathrm{Gal}(k'/k).$$

9 Here is a sketch of the proof. The field $K$ contains $\mathbb{Q}$, and the restriction of $|\ |$ to $\mathbb{Q}$ is the usual absolute value. Therefore $K$ contains $\mathbb{R}$, and after adjoining a square root of $-1$ (if necessary), we may assume $K \supset \mathbb{C}$.

Let $x \in K \setminus \mathbb{C}$, and let $c$ be the closest element of $\mathbb{C}$ to $x$. Replace $x$ with $x - c$, so that now $|x - z| \ge |x|$ for all $z$ in $\mathbb{C}$. It follows that

$$|x^n - z^n| = |x - z||x - \zeta z||x - \zeta^2z| \cdots \ge |x - z||x|^{n-1},$$

where $\zeta$ is a primitive $n$th root of 1.

On choosing $|z| < 1$ and letting $n \to \infty$, we find that $|x| \ge |x - z|$. Hence $|x - z| = |x|$ and so (taking $x - z$ in place of $x$) $|x - 2z| = |x|$, and thus (repeating the argument) $|x - nz| = |x|$, contradicting the archimedean property.

10 When $k$ is not perfect, we should define $L/K$ to be unramified if (a) the ramification index is 1, and (b) the residue field extension is separable. These conditions imply that $L/K$ is separable. With this definition, (7.50) continues to hold without $K$ and $k$ being assumed to be perfect.

PROOF. Let $k'$ be a finite extension of $k$. We can write it $k' = k[a]$. Let $f_0(X)$ be the minimum polynomial of $a$ over $k$, and let $f(X)$ be any lifting of $f_0(X)$ to $A[X]$. As $a$ is a simple root of $f_0(X)$, Newton's lemma (7.31) shows that there is a (unique) $\alpha \in L$ such that $f(\alpha) = 0$ and $\alpha \equiv a \bmod \mathfrak{p}$. Now $K' \overset{\text{def}}{=} K[\alpha]$ has residue field $k'$. Thus $K' \mapsto k'$ is surjective. Suppose that $K'$ and $K''$ are unramified extensions of $K$ in $L$ with the same residue field $k'$. Then $K' \cdot K''$ is an unramified extension¹¹ of $K$ (see 6.5 and 6.6b) with residue field $k'$. Hence

$$[K' \cdot K'' : K] = [k' : k] = [K' : K],$$

and so $K'' = K'$.

Statement (a) is obvious.

Assume $K'$ is Galois over $K$; then $\mathrm{Gal}(K'/K)$ preserves $A'$ (the valuation ring in $K'$) and its maximal ideal, and so we get a map $\mathrm{Gal}(K'/K) \to \mathrm{Aut}(k'/k)$. Write $k' = k[a]$, and let $g(X) \in A[X]$ be such that $\bar{g}(X) \in k[X]$ is the minimum polynomial of $a$. Let $\alpha \in A'$ be the unique root of $g(X)$ such that $\bar{\alpha} = a$. Because $K'$ is Galois over $K$, $g(X)$ splits in $A'[X]$, and this implies that $\bar{g}(X)$ splits in $k'[X]$, and so $k'$ is Galois over $k$. Let $f = [k' : k] = [K' : K]$, and let $\alpha_1, \ldots, \alpha_f$ be the roots of $g(X)$. Then

$$\{\alpha_1, \ldots, \alpha_f\} = \{\sigma\alpha \mid \sigma \in \mathrm{Gal}(K'/K)\}.$$

Because $\bar{g}(X)$ is separable, the $\alpha_i$ are distinct modulo $\mathfrak{p}$, and this shows that the image of the map $\mathrm{Gal}(K'/K) \to \mathrm{Gal}(k'/k)$ has order $f$, and hence the map is an isomorphism. Conversely, suppose $k'/k$ is Galois. Again write $k' = k[a]$, and let $\alpha \in A'$ lift $a$. It follows from Hensel's lemma that $A'$ contains the conjugates of $\alpha$, and hence that $K'$ is Galois over $K$. □

Corollary 7.51 There is an unramified extension $K_0$ of $K$ contained in $L$ that contains all other unramified extensions of $K$ in $L$. When $k$ is finite, it is obtained from $K$ by adjoining all roots of 1 of order prime to the characteristic of $k$.

PROOF. This is an obvious consequence of the theorem. □

The field $K_0$ in the corollary is called the largest unramified extension of $K$ in $L$.

Corollary 7.52 The residue field of $K^{\mathrm{al}}$ is $k^{\mathrm{al}}$; there is a subfield $K^{\mathrm{un}}$ of $K^{\mathrm{al}}$ such that a subfield $L$ of $K^{\mathrm{al}}$, finite over $K$, is unramified if and only if $L \subset K^{\mathrm{un}}$. (Recall that we are assuming $k$ and $K$ to be perfect.)

PROOF. Let $f_0(X)$ be any polynomial in $k[X]$, and let $f(X)$ be any lift of $f_0(X)$ to $A[X]$. Then $K^{\mathrm{al}}$ contains all the roots of $f(X)$, and so the residue field $k'$ of $K^{\mathrm{al}}$ contains all the roots of $f_0(X)$. Hence $k'$ is algebraic over $k$, and every polynomial in $k[X]$ splits in $k'$, and so it must be the algebraic closure of $k$. □

11 The results (6.5) and (6.6b) express the discriminant of the composite of $K'$ and $K''$ in terms of the discriminants of $K'$ and $K''$, from which it follows that if a prime does not divide the discriminant of $K'$ or of $K''$, then it doesn't divide the discriminant of their composite.

Remark 7.53 For those familiar with the language of category theory, we can be a little more precise: there is an equivalence between the category of finite unramified extensions of $K$ and the category of finite (separable) extensions of $k$.

Example 7.54 Let $K$ be a local field of characteristic zero (hence a finite extension of $\mathbb{Q}_p$ for some $p$), and let $q$ be the order of the residue field $k$ of $K$.

Recall from (FT 4.20) that, for each $n$, there is an extension $k_n$ of $k$ of degree $n$, and that $k_n$ is unique up to $k$-isomorphism; it is the splitting field of $X^{q^n} - X$. The Galois group $\mathrm{Gal}(k_n/k)$ is a cyclic group of order $n$, having as canonical generator the Frobenius element $x \mapsto x^q$.

Therefore, for each $n$, there is an unramified extension $K_n$ of $K$ of degree $n$, and it is unique up to $K$-isomorphism; it is the splitting field of $X^{q^n} - X$; the Galois group $\mathrm{Gal}(K_n/K)$ is a cyclic group of order $n$, having as canonical generator the Frobenius element $\sigma$ which is determined by the property

$$\sigma\beta \equiv \beta^q \pmod{\mathfrak{p}},$$

all $\beta \in B$. (Here $B$ is the discrete valuation ring in $K_n$, and $\mathfrak{p}$ is the nonzero prime ideal in $B$.)

Totally ramified extensions of K 

Let $K$ be a complete discretely-valued nonarchimedean field, and let $\pi$ be a local uniformizing parameter for $K$. A polynomial $f(X) \in K[X]$ is said to be Eisenstein if it is Eisenstein for the maximal ideal of the ring of integers in $K$, i.e., if

$$f(X) = a_0X^n + a_1X^{n-1} + \cdots + a_n, \quad \text{with } |a_0| = 1,\ |a_i| < 1 \text{ for } i \ge 1,\ |a_n| = |\pi|.$$

Equivalently,

$$\mathrm{ord}(a_0) = 0, \quad \mathrm{ord}(a_i) > 0 \text{ for } i \ge 1, \quad \mathrm{ord}(a_n) = 1,$$

for the normalized additive valuation. Equivalently, the Newton polygon of $f(X)$ has only one segment, which has slope $1/n$, $n = \deg f$. Eisenstein polynomials allow us to give an explicit description of all totally ramified extensions of $K$.
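For $K = \mathbb{Q}_p$ and integer coefficients, the valuation form of the Eisenstein condition is easy to test. The sketch below is a small illustration under those assumptions; the name `is_eisenstein` is hypothetical, and coefficients are listed leading coefficient first, as in the definition.

```python
def is_eisenstein(coeffs, p):
    """coeffs = [a_0, a_1, ..., a_n] (integers) for a_0 X^n + ... + a_n.
    Checks ord(a_0) = 0, ord(a_i) > 0 for i >= 1, and ord(a_n) = 1."""
    def ord_p(a):
        if a == 0:
            return float("inf")  # ord(0) is infinite
        v = 0
        while a % p == 0:
            a //= p
            v += 1
        return v

    a0, middle, an = coeffs[0], coeffs[1:-1], coeffs[-1]
    return (ord_p(a0) == 0
            and all(ord_p(a) > 0 for a in middle)
            and ord_p(an) == 1)


print(is_eisenstein([1, 0, -2], 2))     # X^2 - 2 at p = 2
print(is_eisenstein([1, 1, 2, -8], 2))  # the polynomial of Example 7.45
```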

Proposition 7.55 Let $L$ be a finite extension of $K$. Then $L/K$ is totally ramified if and only if $L = K[\alpha]$ with $\alpha$ a root of an Eisenstein polynomial.

PROOF. $\Leftarrow$: Suppose $L = K[\alpha]$ with $\alpha$ a root of an Eisenstein polynomial $f(X)$ of degree $n$. If ord is the extension of the normalized discrete (additive) valuation on $K$ to $L$, then $\mathrm{ord}(\alpha) = 1/n$. This implies that the ramification index of $L/K$ is $\ge n$. But it can't be greater than $n$, and so it is exactly $n$: $L$ is totally ramified over $K$. (Compare the proof of 6.2.)

$\Rightarrow$: Suppose $L$ is a totally ramified extension of $K$ of degree $n$. Let $\alpha$ be a generator of the maximal ideal in the ring of integers in $L$; thus $\mathrm{ord}(\alpha) = 1/n$ if ord extends the normalized discrete valuation on $K$. The elements $1, \alpha, \ldots, \alpha^{n-1}$ represent different cosets of $\mathrm{ord}(K^\times)$ in $\mathrm{ord}(L^\times)$, and so it is impossible to have a nontrivial relation

$$a_0 + a_1\alpha + \cdots + a_{n-1}\alpha^{n-1} = 0, \quad a_i \in K$$

(because of 7.11). Hence $L = K[\alpha]$. The elements $1, \alpha, \ldots, \alpha^{n-1}, \alpha^n$ are linearly dependent over $K$, and so we have a relation:

$$\alpha^n + a_1\alpha^{n-1} + \cdots + a_n = 0, \quad a_i \in K.$$

Applying (7.11) again, we see that the minimum ord of a summand must be attained for two terms. The only way this can happen is if $\mathrm{ord}(a_i) > 0$ for all $i$ and $\mathrm{ord}(a_n) = \mathrm{ord}(\alpha^n) = 1$, i.e., if $X^n + a_1X^{n-1} + \cdots + a_n$ is an Eisenstein polynomial. □

Remark 7.56 Let $L$ be a finite totally ramified extension of $K$. Let $A$ and $B$ be the discrete valuation rings in $K$ and $L$, and let $\pi$ and $\Pi$ be prime elements in $A$ and $B$. I claim that $B = A[\Pi]$. The argument is the same as in the proof of 6.2 (see also Exercise 6-1). Because $B$ and $A$ have the same residue field,

$$A[\Pi] + \Pi B = B.$$

The discriminant of $1, \Pi, \Pi^2, \ldots$ is a unit $\times\, \pi^m$ for some $m$, and so

$$\mathfrak{p}^cB \subset A[\Pi] \subset B$$

for some $c$. As before, these two conditions suffice to imply that $B = A[\Pi]$.


Ramification groups 

Let $L$ be a finite Galois extension of $K$, and assume that the residue field $k$ of $K$ is perfect. As we have noted, $G \overset{\text{def}}{=} \mathrm{Gal}(L/K)$ preserves the absolute value on $L$. In particular, it preserves

$$B = \{\alpha \in L \mid |\alpha| \le 1\}, \quad \mathfrak{p} = \{\alpha \in L \mid |\alpha| < 1\}.$$

Let $\Pi$ be a prime element of $L$ (so that $\mathfrak{p} = (\Pi)$). We define a sequence of subgroups $G \supset G_0 \supset G_1 \supset \cdots$ by the condition:

$$\sigma \in G_i \iff |\sigma\alpha - \alpha| < |\Pi|^i, \text{ all } \alpha \in B.$$

The group $G_0$ is called the inertia group, the group $G_1$ is called the ramification group, and the groups $G_i$, $i > 1$, are called the higher ramification groups of $L$ over $K$.

Lemma 7.57 The $G_i$ are normal subgroups of $G$, and $G_i = \{1\}$ for $i$ large enough.

PROOF. For $\sigma, \tau \in G$,

$$|\tau^{-1}\sigma\tau\alpha - \alpha| = |\sigma(\tau\alpha) - (\tau\alpha)|$$

(because $|x| = |\tau x|$). As $\alpha$ runs through $B$, so also does $\tau\alpha$, and so $\tau^{-1}\sigma\tau \in G_i$ exactly when $\sigma$ does. This proves that $G_i$ is normal.

If $\sigma \ne 1$, then $\sigma\alpha \ne \alpha$ for some $\alpha \in B$. Hence $\sigma \notin G_i$ as soon as $|\sigma\alpha - \alpha| \ge |\Pi|^i$. □

Theorem 7.58 Let $L/K$ be a Galois extension, and assume that the residue field extension $l/k$ is separable.

(a) The fixed field of $G_0$ is the largest unramified extension $K_0$ of $K$ in $L$, and

$$G/G_0 = \mathrm{Gal}(K_0/K) = \mathrm{Gal}(l/k).$$

(b) For $i \ge 1$, the group

$$G_i = \{\sigma \in G_0 \mid |\sigma\Pi - \Pi| < |\Pi|^i\}.$$

PROOF. (a) Let $K_0$ be the largest unramified extension in $L$ (see 7.51). Then $\sigma K_0$ is also unramified, and so it is contained in $K_0$. Thus $K_0$ is Galois over $K$, and the canonical map $\mathrm{Gal}(K_0/K) \to \mathrm{Gal}(l/k)$ is an isomorphism (see 7.50). By definition $G_0$ is the kernel of $G \to \mathrm{Gal}(l/k)$, and so $K_0$ is its fixed field.

(b) Let $A_0$ be the discrete valuation ring in $K_0$. Then $B = A_0[\Pi]$ (by 7.56). Since $G_0$ leaves $A_0$ fixed, in order to check that $\sigma \in G_i$ it suffices to check that $|\sigma\alpha - \alpha| < |\Pi|^i$ for the element $\alpha = \Pi$. □

Corollary 7.59 We have an exhaustive filtration $G \supset G_0 \supset \cdots$ such that

$$G/G_0 = \mathrm{Gal}(l/k);$$

$$G_0/G_1 \hookrightarrow l^\times;$$

$$G_i/G_{i+1} \hookrightarrow l.$$

Therefore, if $k$ is finite, then $\mathrm{Gal}(L/K)$ is solvable.

PROOF. Let $\sigma \in G_0$; then $\sigma\Pi$ is also a prime element and so $\sigma\Pi = u\Pi$ with $u$ a unit in $B$. The map $\sigma \mapsto u \bmod \mathfrak{p}$ is a homomorphism $G_0 \to l^\times$ with kernel $G_1$.

Let $\sigma \in G_i$. Then $|\sigma\Pi - \Pi| \le |\Pi|^{i+1}$, and so $\sigma\Pi = \Pi + a\Pi^{i+1}$ for some $a \in B$. The map $\sigma \mapsto a \pmod{\mathfrak{p}}$ is a homomorphism $G_i \to l$ with kernel $G_{i+1}$. □

An extension $L/K$ is said to be wildly ramified if $p \mid e$ where $p = \mathrm{char}(k)$. Otherwise it is said to be tamely ramified. Hence for a Galois extension

$$L/K \text{ is unramified} \iff G_0 = \{1\},$$

and

$$L/K \text{ is tamely ramified} \iff G_1 = \{1\}.$$

Krasner’s lemma and applications 

Again let $K$ be complete with respect to a discrete nonarchimedean absolute value $|\ |$, and extend the absolute value (uniquely) to an absolute value on $K^{\mathrm{al}}$. It is clear from our discussion of unramified extensions of $K$ that roots of distinct polynomials $f(X)$ and $g(X)$ will often generate the same extension of $K$; in fact, this will be true if $\bar{f} = \bar{g}$ and both are irreducible in $k[X]$. Krasner's lemma and its consequences show that the roots of two polynomials will generate the same extension if they are sufficiently close.

Proposition 7.60 (Krasner’s Lemma) Leta.p e K al , and assume that a is separable 
over K[/3 ]. If a is closer to fi than to any conjugate of a (over K), then K[a] C K [(’>}. 

PROOF. Let a be an embedding of K[a. f J >] into K ai fixing K[/3], By Galois theory, it 
suffices to show that era = a. But 

|era — f}\ = |era — ofi\ = |a — 

because off — f3 and |ct * | = | * |. Hence 

|cra — a| = |cra — fi + /3 — a| < |a — p\. 

Since era is a conjugate of a over K, the hypothesis now implies that era = a. □ 
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Now assume K has characteristic zero (to avoid complications). As before, for h(X) = 
J^CiX 1 , we define ||/z|| = max{|c/1}. Note that if h(X ) varies in a family of monic polyno¬ 
mials for which ||/;| remains bounded, then the maximum value of a root of It is bounded; in 
fact, if 

J2 Ci P‘ = °’ 

we must have |/3”| < \cj/3 J \ for some j <n,andso \fi\ n ~ J < \cj\. 

Fix a monic irreducible polynomial $f(X)$ in $K[X]$, and let

$$f(X) = \prod (X - \alpha_i), \qquad \alpha_i \in K^{\mathrm{al}}.$$

The $\alpha_i$ must be distinct. Let $g(X)$ be a second monic polynomial in $K[X]$, and suppose that
$\|f - g\|$ is small. For any root $\beta$ of $g(X)$, $|f(\beta)| = |(f - g)(\beta)|$ is small (because $\|f - g\|$
small implies that $\|g\|$ is bounded, and hence $|\beta|$ is bounded). But

$$|f(\beta)| = \prod |\beta - \alpha_i|.$$

In order for this to be small, at least one term $|\beta - \alpha_i|$ must be small. By taking $\|f - g\|$
small enough, we can force $\beta$ to be closer to one root $\alpha_i$ than $\alpha_i$ is to any other $\alpha_j$. That is,
we can achieve:

$$|\beta - \alpha_i| < |\alpha_i - \alpha_j|, \quad \text{all } j \ne i.$$

In this case, we say that $\beta$ belongs to $\alpha_i$. Krasner's lemma then says that $K[\alpha_i] \subset K[\beta]$, and
because $f$ and $g$ have the same degree, the two fields must be equal. We have proved:

Proposition 7.61 Let $f(X)$ be a monic irreducible polynomial of $K[X]$. Then every
monic polynomial $g(X) \in K[X]$ sufficiently close to $f(X)$ is also irreducible, and each root
$\beta$ of $g(X)$ belongs to some root $\alpha$ of $f(X)$. For such a root $K[\alpha] = K[\beta]$.

Corollary 7.62 Let $K$ be a finite extension of $\mathbb{Q}_p$. Then there is a finite extension $L$ of
$\mathbb{Q}$ contained in $K$ such that $[L:\mathbb{Q}] = [K:\mathbb{Q}_p]$ and $L \cdot \mathbb{Q}_p = K$.

PROOF. Write $K = \mathbb{Q}_p[\alpha]$, and let $f(X)$ be the minimum polynomial of $\alpha$ over $\mathbb{Q}_p$. Choose
$g(X) \in \mathbb{Q}[X]$ sufficiently close to $f(X)$, and let $L = \mathbb{Q}[\beta]$ for $\beta$ a root of $g(X)$ belonging
to $\alpha$. □

Fix a monic polynomial $f$ in $K[X]$, and let $\alpha_1, \alpha_2, \ldots$ be its roots in $K^{\mathrm{al}}$. As a second
monic polynomial $g$ in $K[X]$ approaches $f$, each root $\beta_i$ of $g$ approaches some root $\alpha_{j(i)}$ of
$f$, and the function $i \mapsto j(i)$ doesn't change once $g$ is close. Let $f_s(X)$ be the polynomial
with roots the $\alpha_{j(i)}$ (possibly with repetitions). Then, when $g$ is close to $f$, it is close to $f_s$
because each of its roots is close to the corresponding root of $f_s$. But if we choose $g$ to be
closer to $f$ than $f$ is to any possible $f_s$, this will be impossible. We have proved:

Proposition 7.63 Assume $K$ is of characteristic zero. If two monic irreducible
polynomials $f$ and $g$ are sufficiently close, then each root of $g$ will belong to exactly one root of $f$,
and so

$$\{K[\alpha] \mid \alpha \text{ a root of } f\} = \{K[\beta] \mid \beta \text{ a root of } g\}.$$

Proposition 7.64 Assume $K$ has characteristic zero and has finite residue field. Then,
up to isomorphism, there are only finitely many totally ramified extensions of $K$ of a given
degree.

PROOF. We fix an $n$ and show that there are only finitely many totally ramified extensions of
degree $\le n$. Each point of

$$(a_1, \ldots, a_n) \in \mathfrak{p} \times \mathfrak{p} \times \mathfrak{p} \times \cdots \times A^\times \pi$$

defines an Eisenstein polynomial of degree $n$, namely,

$$f(X) = X^n + a_1 X^{n-1} + \cdots + a_n,$$

and hence a finite set of totally ramified extensions of degree $n$, namely, those generated
by the roots of $f(X)$. According to the last proposition, each point of $\mathfrak{p} \times \mathfrak{p} \times \mathfrak{p} \times \cdots \times A^\times \pi$
has a neighbourhood such that the points in the neighbourhood all give the same extensions
of $K$. In (7.47) we showed that the factors of $\mathfrak{p} \times \mathfrak{p} \times \mathfrak{p} \times \cdots \times A^\times \pi$ are compact, hence the
product is compact, and so a finite number of these neighbourhoods will cover it. □

Remark 7.65 We proved above that 

(a) every finite extension $L$ of $K$ contains a largest unramified extension of $K$;

(b) for each $m \ge 1$, there is an unramified extension of degree $m$ of $K$, and any two such
extensions are $K$-isomorphic.

Fix an $n$; then each extension $L$ of $K$ of degree $n$ can be realized as a totally ramified
extension of degree $n/m$ of the (unique) unramified extension of degree $m$, some $m$ dividing
$n$. Clearly there are only finitely many such $L$'s (up to $K$-isomorphism).

Exercises 

7-1 Let $|\cdot|_1, \ldots, |\cdot|_n$ be the absolute values on a number field $K$ corresponding to distinct
prime ideals $\mathfrak{p}_i$, and let $a_1, \ldots, a_n$ be elements of $K$. Let $d$ be a common denominator for
the $a_i$ (so that $d a_i \in \mathcal{O}_K$). Show that, for every $\varepsilon > 0$, there is an element $a \in K$ such that
$|a - a_i|_i < \varepsilon$ for $i = 1, \ldots, n$ and $|a| \le 1/|d|$ for all absolute values $|\cdot|$ corresponding to
prime ideals other than the $\mathfrak{p}_i$.

Hint: Apply the Chinese Remainder Theorem to the $d a_i$.

7-2 Let $|\ |$ be a nonarchimedean absolute value on a field $K$.

(a) Define an open disk with radius $r$ and centre $a$ to be

$$D(a, r) = \{x \in K \mid |x - a| < r\}.$$

Prove that $D(a, r) = D(b, r)$ for any $b \in D(a, r)$. Deduce that if two disks meet, then the
large disk contains the smaller.

(b) Assume $K$ to be complete. Show that the series $\sum a_n$ converges if and only if
$a_n \to 0$.

(This problem illustrates the weirdness of the topology defined by a nonarchimedean absolute
value.)

7-3 For which $a \in \mathbb{Z}$ is $7X^2 = a$ solvable in $\mathbb{Z}_7$? For which $a \in \mathbb{Q}$ is it solvable in $\mathbb{Q}_7$?

7-4 (a) Show that $(X^2 - 2)(X^2 - 17)(X^2 - 34)$ has a root in $\mathbb{Z}_p$ for every $p$.

(b) Show that $5X^3 - 7X^2 + 3X + 6$ has a root $\alpha$ in $\mathbb{Z}_7$ with $|\alpha - 1|_7 < 1$. Find an $a \in \mathbb{Z}$ [...]

7-5 Find all the quadratic extensions of $\mathbb{Q}_2$. Hint: there are exactly 7 (up to isomorphism).

7-6 Let $p_1, \ldots, p_m$ be distinct prime numbers, and let $\alpha_i = \sqrt{p_i}$. Let $K = \mathbb{Q}[\alpha_1, \ldots, \alpha_m]$.
Show that $[K:\mathbb{Q}] = 2^m$. Let $\gamma = \sum \alpha_i$. Show that $K = \mathbb{Q}[\gamma]$, and deduce that the minimum
polynomial $f(X)$ of $\gamma$ over $\mathbb{Q}$ has degree $2^m$. Show that $f(X)$ factors in $\mathbb{Z}_p[X]$ into a
product of polynomials of degree $\le 4$ ($p \ne 2$) or of degree $\le 8$ ($p = 2$).

7-7 Fix an algebraic closure $\mathbb{Q}_p^{\mathrm{al}}$ of $\mathbb{Q}_p$, and for each $n$ prime to $p$, let $\zeta_n$ be a primitive $n$th
root of 1. Show that a finite extension $K$ of $\mathbb{Q}_p$ can contain only finitely many $\zeta_n$'s. Deduce
that the Cauchy sequence $\sum \zeta_n p^n$ does not converge to an element of $\mathbb{Q}_p^{\mathrm{al}}$.

7-8 (a) Find two monic polynomials of degree 3 in $\mathbb{Q}_5[X]$ with the same Newton polygon,
but with one irreducible and the other not.

(b) Find a monic irreducible polynomial in $\mathbb{Z}[X]$ of degree 6 which factors in $\mathbb{Q}_5[X]$
into a product of 3 irreducible polynomials of degree 2.

A global field is an algebraic number field (finite extension of $\mathbb{Q}$) or a function field in one
variable over a finite field (finite extension of $\mathbb{F}_q(T)$ for some $q$). We are mainly interested
in the number field case.


Extending absolute values 

Let $K$ be a field with an absolute value $|\ |$ (archimedean or discrete nonarchimedean), and let
$L$ be a finite separable extension of $K$. When $K$ is complete, we know that there is a unique
extension of $|\ |$ to $L$ (see 7.38, 7.39), and we want to understand the extensions when $K$ is
not complete.

Write $L = K[\alpha]$, and let $f(X)$ be the minimum polynomial of $\alpha$ over $K$. Let $|\ |'$ be
an extension of $|\ |$ to $L$. Then we can form the completion $\hat{L}$ of $L$ with respect to $|\ |'$, and
obtain a diagram:

$$\begin{array}{ccc} L & \hookrightarrow & \hat{L} \\ \uparrow & & \uparrow \\ K & \hookrightarrow & \hat{K} \end{array}$$

Then $\hat{L} = \hat{K}[\alpha]$ because $\hat{K}[\alpha]$ is complete, being finite over $\hat{K}$, and contains $L$. Let
$g(X)$ be the minimum polynomial of $\alpha$ over $\hat{K}$. Since $f(\alpha) = 0$, $g(X) \mid f(X)$, and so with
each extension of $|\ |$, we have associated an irreducible factor of $f(X)$ in $\hat{K}[X]$.

Conversely, let $g(X)$ be a monic irreducible factor of $f(X)$ in $\hat{K}[X]$, and let $\hat{K}[x] =
\hat{K}[X]/(g(X))$. Then we obtain a diagram:

$$\begin{array}{ccc} L & \xrightarrow{\ \alpha \mapsto x\ } & \hat{K}[x] \\ \uparrow & & \uparrow \\ K & \hookrightarrow & \hat{K} \end{array}$$

According to (7.38, 7.39), the absolute value on $\hat{K}$ extends uniquely to $\hat{K}[x]$, and this
induces an absolute value on $L$ extending $|\ |$.

These two operations are inverse, and so we have proved the following result: 

Proposition 8.1 Let $L = K[\alpha]$ be a finite separable extension of $K$, and let $f(X)$ be
the minimum polynomial of $\alpha$ over $K$. Then there is a natural one-to-one correspondence
between the extensions of $|\ |$ to $L$ and the irreducible factors of $f(X)$ in $\hat{K}[X]$.

There is a more canonical way of obtaining the completions of $L$ for the various
extensions of $|\ |$.

Proposition 8.2 Let $|\ |$ be an absolute value on $K$ (archimedean or discrete nonarchimedean)
and let $L$ be a finite separable extension of $K$. Let $\hat{K}$ be the completion of $K$ with respect to
$|\ |$. Then $|\ |$ has finitely many extensions $|\ |_1, \ldots, |\ |_g$ to $L$; if $L_i$ denotes the completion of
$L$ with respect to the absolute value $|\ |_i$, then

$$L \otimes_K \hat{K} \simeq \prod_{i=1}^{g} L_i. \qquad (19)$$

PROOF. Since $L$ is separable over $K$, $L = K[\alpha] \simeq K[X]/(f(X))$ for a primitive element
$\alpha \in L$ and its minimum polynomial $f(X)$. Suppose $f(X)$ factors in $\hat{K}[X]$ as

$$f(X) = f_1(X) \cdot f_2(X) \cdots f_g(X)$$

with $f_i(X)$ monic and irreducible. Then (see 1.18)

$$L \otimes_K \hat{K} = K[\alpha] \otimes_K \hat{K} \approx \hat{K}[X]/(f(X)) \simeq \prod \hat{K}[X]/(f_i(X))$$

and so the proposition follows from (8.1). Denote the canonical map from $L$ into its
completion $L_i$ by $a \mapsto a_i$, and denote the canonical extension of $K \to L_i$ to $\hat{K}$ by $b \mapsto b$; then
the map (19) is $a \otimes b \mapsto (a_1 b, \ldots, a_g b)$. □

Remark 8.3 Suppose now that $K$ is a number field, that $\mathcal{O}_L = \mathcal{O}_K[\alpha]$, and that $|\ | = |\ |_{\mathfrak{p}}$
for some prime ideal $\mathfrak{p}$ in $\mathcal{O}_K$. Because $f_i(X)$ is irreducible in $\hat{K}[X]$, Hensel's lemma shows
that, modulo $\hat{\mathfrak{p}}$, $f_i(X)$ is a power of an irreducible polynomial, say,

$$\bar{f}_i(X) = g_i(X)^{e_i}.$$

Then

$$\bar{f}(X) = \prod_{i=1}^{g} g_i(X)^{e_i},$$

and (3.41) tells us that

$$\mathfrak{p}\mathcal{O}_L = \prod \mathfrak{P}_i^{e_i}, \qquad \mathfrak{P}_i = (\mathfrak{p}, g_i(\alpha)).$$

The absolute values extending $|\ |_{\mathfrak{p}}$ correspond to the primes $\mathfrak{P}_i$, and so the two descriptions
of the extensions agree. On combining this with Ostrowski's theorem (7.12) we get an explicit
description of the equivalence classes of absolute values on $K$.

Corollary 8.4 In the situation of the Proposition, for any element $\alpha \in L$,

$$\mathrm{Nm}_{L/K}(\alpha) = \prod \mathrm{Nm}_{L_i/\hat{K}}(\alpha), \qquad \mathrm{Tr}_{L/K}(\alpha) = \sum \mathrm{Tr}_{L_i/\hat{K}}(\alpha).$$

(In the $i$th factor or summand on the right, $\alpha$ is regarded as an element of $L_i$.)





PROOF. By definition the norm and trace of $\alpha$ are the determinant and trace of the $K$-linear
map $x \mapsto \alpha x: L \to L$. These don't change when $L$ is tensored with $\hat{K}$, and it is easy to see
that norms and traces in products break up into products and sums respectively. □

Example 8.5 According to PARI

$$f(X) = X^6 + 5X^5 + 5X^3 + 25X + 125$$

is irreducible in $\mathbb{Q}[X]$. Its Newton polygon for $\mathrm{ord}_5$ has three segments of $x$-lengths 3, 2, 1
respectively, and so it has at least three factors in $\mathbb{Q}_5$. The discriminant of $f(X)$ is

$$2^4 \cdot 5^{11} \cdot (59)(365587),$$

and so according to (7.37), to find the number of factors of $f(X)$ in $\mathbb{Q}_5[X]$, it suffices to
factor it modulo $5^{11}$. Better, according to PARI, $f(X)$ has exactly 3 irreducible factors in
$\mathbb{Q}_5[X]$, namely,

$$X + (5 + 4 \cdot 5^2 + 2 \cdot 5^3) + O(5^4)$$

$$X^2 + (3 \cdot 5^2) X + (5 + 5^2 + 3 \cdot 5^3) + O(5^4)$$

$$X^3 + (3 \cdot 5^2 + 5^3) X^2 + (4 \cdot 5 + 3 \cdot 5^2) X + 5 + O(5^4)$$

(Type factorpadic(f,p,r) where r is the precision required.)
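
The claim about the Newton polygon in Example 8.5 can be checked by hand or with a few lines of code. The following is only a sketch in Python (not PARI); the function names `ord_p` and `newton_polygon_segments` are illustrative choices, and the polygon is computed as the lower convex hull of the points $(i, \mathrm{ord}_5(c_i))$ for the nonzero coefficients $c_i$ of $X^i$.

```python
from fractions import Fraction

def ord_p(n, p):
    """p-adic valuation of a nonzero integer n."""
    n = abs(n)
    v = 0
    while n % p == 0:
        n //= p
        v += 1
    return v

def newton_polygon_segments(coeffs, p):
    """coeffs[i] is the coefficient of X^i.
    Returns (slope, x_length) for each segment of the lower convex hull
    of the points (i, ord_p(coeffs[i])), read from left to right."""
    pts = [(i, ord_p(c, p)) for i, c in enumerate(coeffs) if c != 0]
    hull = []
    for pt in pts:
        while len(hull) >= 2:
            (x1, y1), (x2, y2) = hull[-2], hull[-1]
            # Drop hull[-1] if it lies on or above the line from hull[-2] to pt.
            if (y2 - y1) * (pt[0] - x1) >= (pt[1] - y1) * (x2 - x1):
                hull.pop()
            else:
                break
        hull.append(pt)
    return [(Fraction(y2 - y1, x2 - x1), x2 - x1)
            for (x1, y1), (x2, y2) in zip(hull, hull[1:])]

# f(X) = X^6 + 5X^5 + 5X^3 + 25X + 125, coefficients listed from X^0 upwards.
f = [125, 25, 0, 5, 0, 5, 1]
segments = newton_polygon_segments(f, 5)
```

With the coefficients ordered from the constant term upwards, the segments come out with $x$-lengths 1, 2, 3 and slopes $-1$, $-1/2$, $-1/3$; this is the same polygon as in the example, read in the opposite direction.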

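Suppose we have a factorization

$$f(X) = f_1(X) f_2(X) f_3(X)$$

(to whatever degree of accuracy we wish). To compute $|\beta|_i$, map $\beta = \sum c_j \alpha^j$ to $\beta_i =
\sum c_j \alpha_i^j \in L_i = \mathbb{Q}_5[\alpha_i]$, $\alpha_i$ a root of $f_i(X)$, and use that

$$|\beta|_i = |\beta_i|_i = |\mathrm{Nm}_{L_i/\mathbb{Q}_5} \beta_i|^{1/\deg f_i}.$$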


The product formula 

Before proving the product formula for a number field, we need one extra fact for local 
fields. 

Let $K$ be a local field with normalized absolute value $|\ |$. Recall that this means that $|\ |$
is the usual absolute value if $K$ is $\mathbb{R}$, the square of the usual absolute value if $K$ is $\mathbb{C}$, and
$|a| = (1/\mathbb{N}\mathfrak{p})^{\mathrm{ord}_{\mathfrak{p}}(a)}$ if the absolute value is defined by a prime ideal $\mathfrak{p}$.

Let $L$ be a finite separable extension of $K$, and let $|\ |$ be the unique extension of $|\ |$ to $L$.
Let $\|\ \|$ be the normalized absolute value on $L$ corresponding to $|\ |$. What is the relation of
$\|\ \|$ to $|\ |$?

Lemma 8.6 In the above situation, $\|a\| = |a|^n$, where $n = [L:K]$.

PROOF. When $K$ is archimedean, there are only two cases to consider, and both are obvious.
Thus, assume $K$ is nonarchimedean. Since, by assumption, $\|\ \| = |\ |^c$ for some $c$, we only
have to check that the formula holds for a prime element $\pi$ of $K$. Let $\Pi$ be a prime element
of $L$, and let $\mathfrak{P} = (\Pi)$ and $\mathfrak{p} = (\pi)$; then $\pi = (\text{unit}) \times \Pi^e$, and so

$$\|\pi\| = \|\Pi^e\| = (1/\mathbb{N}\mathfrak{P})^e = (1/\mathbb{N}\mathfrak{p})^{ef} = |\pi|^n,$$

as required.

Alternatively, use (7.43). For $a \in K$, we have

$$\|a\| \overset{\text{def}}{=} \mathbb{N}\mathfrak{P}^{-\mathrm{ord}_{\mathfrak{P}} a} \overset{(7.43)}{=} (\mathbb{N}\mathfrak{p}^f)^{-e \cdot \mathrm{ord}_{\mathfrak{p}} a} = |a|^{ef} = |a|^n.$$

□


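Proposition 8.7 Let $L/K$ be a finite extension of number fields. For any prime $v$ of $K$
and $\alpha \in L$,

$$\prod_{w \mid v} \|\alpha\|_w = \|\mathrm{Nm}_{L/K}\,\alpha\|_v.$$

Here $\|\ \|_w$ and $\|\ \|_v$ denote the normalized absolute values for the primes $w$ and $v$.

PROOF. Let $|\ |_i$, $i = 1, 2, \ldots, g$, be the extensions of $\|\ \|_v$ to $L$, and let $\|\ \|_i$ be the normalized
absolute value corresponding to $|\ |_i$. Then

$$\|\mathrm{Nm}_{L/K}\,\alpha\|_v \overset{8.4}{=} \Big\|\prod_{i=1}^{g} \mathrm{Nm}_{L_i/\hat{K}}\,\alpha\Big\|_v = \prod_{i=1}^{g} \|\mathrm{Nm}_{L_i/\hat{K}}\,\alpha\|_v \overset{7.38}{=} \prod_{i=1}^{g} |\alpha|_i^{n_i} \overset{8.6}{=} \prod_{i=1}^{g} \|\alpha\|_i,$$

where $n_i = [L_i : \hat{K}]$. □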


Theorem 8.8 (Product formula) Let $K$ be an algebraic number field; for all nonzero
$\alpha \in K$,

$$\prod_w \|\alpha\|_w = 1,$$

where the product is over the primes of $K$ and $\|\ \|_w$ is the normalized absolute value for the
prime $w$.

PROOF. We have

$$\prod_w \|\alpha\|_w = \prod_v \Big( \prod_{w \mid v} \|\alpha\|_w \Big) \overset{(8.7)}{=} \prod_v \|\mathrm{Nm}_{K/\mathbb{Q}}\,\alpha\|_v$$

where $v$ runs through the primes $2, 3, 5, 7, \ldots, \infty$ of $\mathbb{Q}$. The last product is 1 by (7.13). □
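
The proof reduces the product formula to the case of $\mathbb{Q}$, where it can be verified directly. Here is a small Python sketch of that base case, using exact rational arithmetic; the helper names (`prime_factors`, `ord_p`, `normalized_abs_values`) are illustrative and not taken from any library.

```python
from fractions import Fraction
from math import prod

def prime_factors(n):
    """Set of primes dividing the nonzero integer n."""
    n, primes, d = abs(n), set(), 2
    while d * d <= n:
        while n % d == 0:
            primes.add(d)
            n //= d
        d += 1
    if n > 1:
        primes.add(n)
    return primes

def ord_p(n, p):
    """p-adic valuation of a nonzero integer n."""
    n, v = abs(n), 0
    while n % p == 0:
        n //= p
        v += 1
    return v

def normalized_abs_values(a):
    """Map each prime v of Q with |a|_v != 1 (and 'inf') to |a|_v, for nonzero rational a."""
    a = Fraction(a)
    values = {"inf": abs(a)}
    for p in prime_factors(a.numerator) | prime_factors(a.denominator):
        e = ord_p(a.numerator, p) - ord_p(a.denominator, p)
        values[p] = Fraction(1, p) ** e      # |a|_p = p^(-ord_p(a))
    return values

values = normalized_abs_values(Fraction(-360, 49))
product = prod(values.values())              # equals 1 by the product formula
```

All primes not dividing the numerator or denominator contribute a factor 1, which is why a finite product suffices.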

Aside 8.9 E. Artin and Whaples (1945)¹ proved that global fields can be characterized axiomatically.
Let $K$ be a field with a set $\mathfrak{V}$ of primes (equivalence classes of absolute values) satisfying the following
axioms.

Axiom I. There is a set of representatives $|\ |_v$ for the primes such that, for any nonzero $a \in K$,
$|a|_v \ne 1$ for only finitely many $v$ and

$$\prod_v |a|_v = 1 \quad (\text{product over all } v \in \mathfrak{V}).$$

Axiom II. There exists at least one prime $v$ for which $K_v$ is a local field.

Then $K$ is a global field, and $\mathfrak{V}$ consists of all the primes for $K$. They then derived the main theorems
(unit theorem and finiteness of the class number) directly from the axioms, thereby avoiding the use
of either ideal theory or the Minkowski theory of lattice points.

Throughout his career, E. Artin promoted the idea that if only one could understand the similarities 
between function fields and number fields sufficiently well, then one could transfer proofs from 
function fields to number fields (e.g. the proof of the Riemann hypothesis!). This hasn’t worked 
as well as he hoped, but the analogy has still been very fruitful. In the above paper, he suggested 
one should develop number theory and class field theory as much as possible working only from the 
axioms. 

1 Artin, Emil; Whaples, George. Axiomatic characterization of fields by the product formula for valuations. 
Bull. Amer. Math. Soc. 51, (1945). 469-492. Reprinted in: Artin, Emil. Exposition by Emil Artin: a selection. 
Edited by Michael Rosen. History of Mathematics, 30. American Mathematical Society, Providence, RI; London 
Mathematical Society, London, 2007. x+346 pp.

Decomposition groups

Let $L$ be a finite Galois extension of a number field $K$, and let $G = \mathrm{Gal}(L/K)$. For an
absolute value $w$ of $L$, we write $\sigma w$ for the absolute value such that $|\sigma\alpha|_{\sigma w} = |\alpha|_w$, i.e.,
$|\alpha|_{\sigma w} = |\sigma^{-1}\alpha|_w$. For example, if $w$ is the prime defined by a prime ideal $\mathfrak{P}$, then $\sigma w$ is
the prime defined by the prime ideal $\sigma\mathfrak{P}$, because

$$|\alpha|_{\sigma w} < 1 \iff \sigma^{-1}\alpha \in \mathfrak{P} \iff \alpha \in \sigma\mathfrak{P}.$$

The group $G$ acts on the set of primes of $L$ lying over a fixed prime $v$ of $K$, and we define
the decomposition (or splitting) group of $w$ to be the stabilizer of $w$ in $G$; thus

$$G_w = \{\sigma \in G \mid \sigma w = w\}.$$

Equivalently, $G_w$ is the set of elements of $G$ that act continuously for the topology defined
by $|\ |_w$. Each $\sigma \in G_w$ extends uniquely to a continuous automorphism of $L_w$. Note that
$G_{\tau w} = \tau G_w \tau^{-1}$.

Proposition 8.10 The homomorphism $G_w \to \mathrm{Gal}(L_w/K_v)$ just defined is an
isomorphism.

PROOF. Clearly the map is injective, and so $(G_w : 1) \le [L_w : K_v]$. The absolute value $\sigma w$
has decomposition group $\sigma G_w \sigma^{-1}$, which has the same order as $G_w$, and so we also have
$(G_w : 1) \le [L_{\sigma w} : K_v]$. The number of distinct $w$'s dividing $v$ is $(G : G_w)$, and so

$$(G : 1) = (G : G_w)(G_w : 1) \le \sum_{\sigma \in G/G_w} [L_{\sigma w} : K_v] \overset{(8.2)}{\le} [L : K].$$

Hence equality holds: $(G_w : 1) = [L_w : K_v]$ (and $G$ acts transitively on the primes dividing
$v$, which we knew already from the proof of 3.34).² □

Let $D(\mathfrak{P})$ (or $G(\mathfrak{P})$) be the decomposition group of $\mathfrak{P}$, so that $D(\mathfrak{P}) = \mathrm{Gal}(L_{\mathfrak{P}}/K_{\mathfrak{p}})$,
and let $I(\mathfrak{P}) \subset D(\mathfrak{P})$ be the inertia group. We have the following picture:

[Diagram: three columns. First column: the tower $L \supset L^{I(\mathfrak{P})} \supset L^{D(\mathfrak{P})} \supset K$ with the primes
$\mathfrak{P}, \mathfrak{P}_I, \mathfrak{P}_D, \mathfrak{p}$; second column: the completions; third column: the residue fields.]

²Alternative proof: If $\tau \in \mathrm{Gal}(L_w/K_v)$, then the restriction $\sigma$ of $\tau$ to $L$ is clearly a $K$-automorphism of
$L$, and it fixes $w$ as $\tau$ is an automorphism of a local field. Hence the restriction of $\tau$ to $L$ is an element of the
decomposition group of $w$. This map is the inverse of the one in the statement of the proposition.

Here:

$\mathfrak{P}_I = \mathfrak{P} \cap L^{I(\mathfrak{P})}$, $\mathfrak{P}_D = \mathfrak{P} \cap L^{D(\mathfrak{P})}$, $\mathfrak{p} = \mathfrak{P} \cap K$;

the fields in the second column are the completions of those in the first;
the fields in the third column are the residue fields of those in the second.

Proposition 8.11 (a) The only prime ideal of $L$ lying over $\mathfrak{P}_D$ is $\mathfrak{P}$.

(b) The prime ideal $\mathfrak{P}_D$ is unramified in $L^I$, and $f(\mathfrak{P}_I/\mathfrak{P}_D) = f(\mathfrak{P}/\mathfrak{p})$.

(c) The prime ideal $\mathfrak{P}_I$ is totally ramified in $L$, and $e(\mathfrak{P}/\mathfrak{P}_I) = e(\mathfrak{P}/\mathfrak{p})$.

(d) If $D(\mathfrak{P})$ is normal in $G$, then

$$\mathfrak{p}\mathcal{O}_{L^D} = \prod \sigma\mathfrak{P}_D$$

where the product is over a set of representatives for $G/D(\mathfrak{P})$.

PROOF. (a) Because $L$ is Galois over $L^{D(\mathfrak{P})}$, its Galois group $D(\mathfrak{P})$ acts transitively on the
set of prime ideals of $L$ lying over $\mathfrak{P}_D$. Thus (a) is obvious from the definition of $D(\mathfrak{P})$.
(b), (c), (d) are similarly straightforward. □

The diagram, and the proposition, show that we can construct a chain of fields

$$L \supset L^I \supset L^D \supset K$$

such that all the ramification of $\mathfrak{P}$ over $\mathfrak{p}$ takes place in the top extension, all the residue
field extension takes place in the middle extension, and, when $L^D$ is normal over $K$, all the
splitting takes place in the bottom extension. One should be a little careful about the last
assertion when $D(\mathfrak{P})$ is not normal in $G$; all we know in general is that

$$\mathfrak{p} \cdot \mathcal{O}_{L^D} = \prod \mathfrak{P}_i^{e_i}, \qquad \mathfrak{P}_1 = \mathfrak{P}_D$$

with $e_1 = 1 = f_1$ (i.e., in general $\mathfrak{p}$ will not split completely in $L^D$).

Remark 8.12 Let $L$ be a Galois extension of $\mathbb{Q}$, with Galois group $G$. Suppose that
$\mathcal{O}_L = \mathbb{Z}[\alpha]$ for some $\alpha \in L$. Let $f(X)$ be the minimum polynomial of $\alpha$ over $\mathbb{Q}$, and write
$\bar{f}(X)$ for $f(X)$ modulo $p$. Choose an irreducible factor $g_1(X)$ of $\bar{f}(X)$, and let $g_1(X)^{e_1}$
be the largest power of $g_1(X)$ dividing $\bar{f}(X)$. According to Hensel's lemma, $g_1(X)^{e_1}$ lifts
to an irreducible factor $f_1(X)$ of $f(X)$ in $\mathbb{Q}_p[X]$, which can be found to any desired degree
of accuracy by factoring $f(X)$ modulo a high power of $p$ (essentially using the method of
proof of Hensel's lemma). Let $\mathfrak{P}_1 = (p, h_1(\alpha))$ for any lifting $h_1$ of $g_1$ to $\mathbb{Z}[X]$. Then

$$D(\mathfrak{P}_1) = \{\sigma \in G \mid \sigma\mathfrak{P}_1 = \mathfrak{P}_1\},$$

which can be computed easily (provided $G$ has been found explicitly as a subgroup of the
symmetric group on the set of roots of $f(X)$). Let $\bar\alpha$ be the image of $\alpha$ in $\mathcal{O}_L/\mathfrak{P}_1 = \mathbb{F}_p[\bar\alpha]$.
Then $g_1(X)$ is the minimum polynomial of $\bar\alpha$ over $\mathbb{F}_p$, and $I(\mathfrak{P}_1)$ is the subgroup of $D(\mathfrak{P}_1)$
fixing $\bar\alpha$. Finally $D(\mathfrak{P}_1)/I(\mathfrak{P}_1) = \mathrm{Gal}(\mathbb{F}_p[\bar\alpha]/\mathbb{F}_p)$.
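
The remark says that a factor can be found to any desired accuracy by working modulo a high power of $p$. The simplest instance is a linear factor, i.e., a simple root modulo $p$. The following Python sketch lifts such a root one $p$-adic digit at a time by Newton's iteration; it illustrates the idea only, it is not a general factor-lifting routine, and the function name `hensel_lift_root` and the sample polynomial $X^2 - 2$ over $\mathbb{Z}_7$ are my own choices.

```python
def hensel_lift_root(coeffs, p, r, k):
    """Lift a simple root r of f modulo p to a root modulo p**k.

    coeffs[i] is the integer coefficient of X^i in f.
    Requires f(r) = 0 mod p and f'(r) != 0 mod p.
    """
    def f(x, m):
        return sum(c * pow(x, i, m) for i, c in enumerate(coeffs)) % m

    def df(x, m):
        return sum(i * c * pow(x, i - 1, m)
                   for i, c in enumerate(coeffs) if i > 0) % m

    if f(r, p) != 0 or df(r, p) == 0:
        raise ValueError("r must be a simple root of f modulo p")
    modulus = p
    for _ in range(k - 1):
        modulus *= p
        # f'(r) is a unit modulo p, hence invertible modulo every power of p.
        inverse = pow(df(r, modulus), -1, modulus)   # needs Python 3.8+
        r = (r - f(r, modulus) * inverse) % modulus  # Newton step
    return r

# X^2 - 2 has the simple root 3 modulo 7 (9 - 2 = 7); lift it to a root modulo 7^6.
root = hensel_lift_root([-2, 0, 1], 7, 3, 6)
```

Each pass through the loop gains at least one more correct digit, so after $k - 1$ steps the result is a root modulo $p^k$ congruent to the starting root modulo $p$.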


Consider a tower of fields

$$\begin{array}{cc} M & \mathfrak{P} \\ | & \\ L & \mathfrak{P}_L \\ | & \\ K & \mathfrak{p} \end{array}$$

Assume $M$ is Galois over $K$ with Galois group $G$, and that $H$ is the subgroup of $G$
fixing $L$. (Recall $D(\mathfrak{P})$ and $G(\mathfrak{P})$ are two notations for the same object.)

Proposition 8.13 Let $\mathfrak{P}$ be a prime ideal in $\mathcal{O}_M$, and let $\mathfrak{P}_L = \mathfrak{P} \cap L$.

(a) The decomposition group $H(\mathfrak{P})$ of $\mathfrak{P}$ over $L$ is $G(\mathfrak{P}) \cap H$.

(b) Suppose further that $H$ is a normal subgroup of $G$, so that $G/H$ is the Galois group
of $L/K$. The decomposition group of $\mathfrak{P}_L$ over $K$ is the image of $G(\mathfrak{P})$ in $G/H$.

PROOF. (a) Clearly

$$H(\mathfrak{P}) = \{\sigma \in G \mid \sigma \in H,\ \sigma\mathfrak{P} = \mathfrak{P}\} = H \cap G(\mathfrak{P}).$$

(b) This is equally obvious. □


The Frobenius element 

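Let $L/K$ be a Galois extension of number fields with Galois group $G$. Given a prime ideal $\mathfrak{P}$
of $L$ that is unramified in $L/K$ we define the Frobenius³ element $\sigma = (\mathfrak{P}, L/K)$ to be the
element of $G(\mathfrak{P})$ that acts as the Frobenius automorphism on the residue field. Thus $\sigma$ is
uniquely determined by the following two conditions:

(a) $\sigma \in G(\mathfrak{P})$, i.e., $\sigma\mathfrak{P} = \mathfrak{P}$;

(b) for all $\alpha \in \mathcal{O}_L$, $\sigma\alpha \equiv \alpha^q \bmod \mathfrak{P}$, where $q$ is the number of elements in the residue
field $\mathcal{O}_K/\mathfrak{p}$, $\mathfrak{p} = \mathfrak{P} \cap K$.

We now list the basic properties of $(\mathfrak{P}, L/K)$.

8.14 Let $\tau\mathfrak{P}$ be a second prime dividing $\mathfrak{p}$, $\tau \in G$. Then $G(\tau\mathfrak{P}) = \tau G(\mathfrak{P})\tau^{-1}$, and

$$(\tau\mathfrak{P}, L/K) = \tau(\mathfrak{P}, L/K)\tau^{-1}.$$

³Here is a direct proof of the existence of the Frobenius element. Let $L/K$ be a finite Galois extension
of number fields with Galois group $G$, and let $\mathfrak{P}$ be a prime ideal of $\mathcal{O}_L$ (not necessarily unramified). By the
Chinese remainder theorem, there exists an element $\alpha$ of $\mathcal{O}_L$ such that $\alpha$ generates the group $(\mathcal{O}_L/\mathfrak{P})^\times$ and lies
in $\tau\mathfrak{P}$ for all $\tau \notin G(\mathfrak{P})$. Let $F(X) = \prod_{\tau \in G}(X - \tau\alpha)$. Then $F(\alpha) \equiv 0 \bmod \mathfrak{P}$, and so $F(\alpha^q) \equiv F(\alpha)^q \equiv 0
\bmod \mathfrak{P}$. Therefore $\alpha^q \equiv \sigma\alpha \bmod \mathfrak{P}$ for some $\sigma \in G$. If $\sigma \notin G(\mathfrak{P})$, then $\sigma^{-1}\mathfrak{P} \ne \mathfrak{P}$, and so $\alpha \in \sigma^{-1}\mathfrak{P}$; but
then $\alpha^q \equiv \sigma\alpha \equiv 0 \bmod \mathfrak{P}$, which is a contradiction. Thus $\sigma \in G(\mathfrak{P})$. Every element $\gamma$ of $\mathcal{O}_L$ can be written
$\gamma = \alpha^i + \beta$, with $\beta \in \mathfrak{P}$, and so

$$\sigma\gamma \equiv \sigma(\alpha^i) \equiv \alpha^{iq} \equiv \gamma^q \bmod \mathfrak{P}.$$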









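PROOF. Let $\alpha \in \mathcal{O}_L$; then

$$\tau\sigma\tau^{-1}(\alpha) = \tau((\tau^{-1}\alpha)^q + a), \quad \text{some } a \in \mathfrak{P}, \text{ and}$$
$$\tau((\tau^{-1}\alpha)^q + a) = \alpha^q + \tau a \equiv \alpha^q \bmod \tau\mathfrak{P}. \qquad □$$

Thus if $\mathrm{Gal}(L/K)$ is abelian, then $(\mathfrak{P}, L/K) = (\mathfrak{P}', L/K)$ for all primes $\mathfrak{P}$, $\mathfrak{P}'$ dividing
$\mathfrak{p}$, and we write $(\mathfrak{p}, L/K)$ for this element. If $\mathrm{Gal}(L/K)$ is not abelian, then

$$\{(\mathfrak{P}, L/K) \mid \mathfrak{P} \text{ divides } \mathfrak{p}\}$$

is a conjugacy class in $G$, which (by an abuse of notation) we again denote $(\mathfrak{p}, L/K)$.
Thus, for a prime $\mathfrak{p}$ of $K$, $(\mathfrak{p}, L/K)$ is either an element of $\mathrm{Gal}(L/K)$ or a conjugacy class
depending on whether $\mathrm{Gal}(L/K)$ is abelian or nonabelian.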

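8.15 Consider a tower of fields

$$\begin{array}{cc} M & \mathfrak{Q} \\ | & \\ L & \mathfrak{P} \\ | & \\ K & \mathfrak{p} \end{array}$$

and assume that $\mathfrak{Q}$ is unramified over $\mathfrak{p}$; then

$$(\mathfrak{Q}, M/K)^{f(\mathfrak{P}/\mathfrak{p})} = (\mathfrak{Q}, M/L).$$

PROOF. Let $k(\mathfrak{Q}) \supset k(\mathfrak{P}) \supset k(\mathfrak{p})$ be the corresponding sequence of residue fields. Then
$f(\mathfrak{P}/\mathfrak{p}) = [k(\mathfrak{P}) : k(\mathfrak{p})]$, and the Frobenius element in $\mathrm{Gal}(k(\mathfrak{Q})/k(\mathfrak{P}))$ is the $f(\mathfrak{P}/\mathfrak{p})$th
power of the Frobenius element in $\mathrm{Gal}(k(\mathfrak{Q})/k(\mathfrak{p}))$. □

8.16 In (8.15), assume that $L$ is Galois over $K$; then

$$(\mathfrak{Q}, M/K)|L = (\mathfrak{P}, L/K).$$

PROOF. Obvious. □

Let $L_1$ and $L_2$ be Galois extensions of $K$ contained in some field $\Omega$, and let $M = L_1 \cdot L_2$.
Then $M$ is Galois over $K$, and there is a canonical homomorphism

$$\sigma \mapsto (\sigma|L_1, \sigma|L_2): \mathrm{Gal}(M/K) \to \mathrm{Gal}(L_1/K) \times \mathrm{Gal}(L_2/K)$$

which is injective.

8.17 Under the above map,

$$(\mathfrak{Q}, M/K) \mapsto (\mathfrak{P}_1, L_1/K) \times (\mathfrak{P}_2, L_2/K).$$

PROOF. This follows from (8.16). □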

Note that $\mathfrak{p}$ splits completely in $L$ if and only if $(\mathfrak{P}, L/K) = 1$ for one (hence all) primes
$\mathfrak{P}$ lying over it. Hence, in the situation of (8.17), $\mathfrak{p}$ splits completely in $M$ if and only if it
splits completely in $L_1$ and $L_2$.

Examples

We find the Frobenius maps for quadratic and cyclotomic fields, and obtain a surprisingly
simple proof of the quadratic reciprocity law.

Example 8.18 Let $K = \mathbb{Q}[\zeta_n]$, where $\zeta_n$ is a primitive $n$th root of 1. If $p \mid n$ then $p$
ramifies in $K$, and $(p, K/\mathbb{Q})$ is not defined. Otherwise $\sigma = (p, K/\mathbb{Q})$ is the unique element
of $\mathrm{Gal}(K/\mathbb{Q})$ such that

$$\sigma\alpha \equiv \alpha^p \bmod \mathfrak{p}, \quad \text{for all } \alpha \in \mathbb{Z}[\zeta_n],$$

for any prime ideal $\mathfrak{p}$ lying over $p$.

I claim that $\sigma$ is the element of the Galois group such that $\sigma(\zeta_n) = \zeta_n^p$: let $\mathfrak{p}$ be a prime
lying over $p$ in $\mathbb{Z}[\zeta_n]$; then modulo $\mathfrak{p}$, we have,

$$\sigma\big(\sum a_i \zeta_n^i\big) = \sum a_i \zeta_n^{ip} \equiv \sum a_i^p \zeta_n^{ip} \equiv \big(\sum a_i \zeta_n^i\big)^p$$

as required.

Note that $(p, K/\mathbb{Q})$ has order $f$ where $f$ is the smallest integer such that $n \mid p^f - 1$
(because this is the order of $p$ in $(\mathbb{Z}/(n))^\times$).
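
The order $f$ of the Frobenius element in Example 8.18 is just the multiplicative order of $p$ modulo $n$, which is easy to compute. A minimal Python sketch follows; the function name `frobenius_order` is an illustrative choice.

```python
from math import gcd

def frobenius_order(p, n):
    """Smallest f >= 1 with p**f congruent to 1 modulo n (requires gcd(p, n) = 1).

    For a prime p not dividing n, this is the order of (p, Q[zeta_n]/Q),
    and hence the residue class degree of the primes above p.
    """
    if gcd(p, n) != 1:
        raise ValueError("p must be prime to n")
    f, x = 1, p % n
    while x != 1 % n:          # 1 % n handles the trivial case n = 1
        x = x * p % n
        f += 1
    return f

orders = {(p, n): frobenius_order(p, n) for p, n in [(2, 7), (3, 7), (7, 8), (11, 5)]}
```

For instance, $2^3 = 8 \equiv 1 \bmod 7$, so the Frobenius element at 2 in $\mathbb{Q}[\zeta_7]$ has order 3, and there are $6/3 = 2$ primes above 2.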

Example 8.19 Let $K = \mathbb{Q}[\sqrt{d}]$, and let $p$ be a prime that is unramified in $K$. Identify
$\mathrm{Gal}(K/\mathbb{Q})$ with $\{\pm 1\}$. Then $(p, K/\mathbb{Q}) = +1$ or $-1$ according as $p$ does, or does not, split
in $K$, i.e., according as $d$ is, or is not, a square modulo $p$. Thus $(p, K/\mathbb{Q}) = \left(\frac{d}{p}\right)$.

Application: the quadratic reciprocity law 

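Let $K = \mathbb{Q}[\zeta]$, where $\zeta$ is a primitive $p$th root of 1, $p \ne 2$. Because $\mathrm{Gal}(K/\mathbb{Q}) \simeq (\mathbb{Z}/p\mathbb{Z})^\times$
is cyclic of order $p - 1$, it contains a unique subgroup of order $(p - 1)/2$ (consisting of the
elements of $(\mathbb{Z}/p\mathbb{Z})^\times$ that are squares), and hence $K$ contains a unique quadratic extension $F$
of $\mathbb{Q}$. If $p \equiv 1 \bmod 4$, then $p$ is the only prime ramifying in $\mathbb{Q}[\sqrt{p}]$, and $\mathbb{Q}[\sqrt{p}]$ is the only
quadratic field for which this is true. Similarly if $p \equiv 3 \bmod 4$, then $-p \equiv 1 \bmod 4$, and
$p$ is the only prime ramifying in $\mathbb{Q}[\sqrt{-p}]$. Thus $F = \mathbb{Q}[\sqrt{d}]$ where $d = (-1)^{(p-1)/2} \cdot p$.
If $q$ is an odd prime $\ne p$, then

$$(q, K/\mathbb{Q})(\zeta) = \zeta^q.$$

Thus $(q, K/\mathbb{Q})$ restricts to the identity element of $\mathrm{Gal}(\mathbb{Q}[\sqrt{d}]/\mathbb{Q})$ or not according as $q$ is a
square in $(\mathbb{Z}/p\mathbb{Z})^\times$ or not. Thus $(q, K/\mathbb{Q})|\mathbb{Q}[\sqrt{d}] = \left(\frac{q}{p}\right)$. But we know that it is also equal
to $\left(\frac{d}{q}\right)$. Hence

$$\left(\frac{q}{p}\right) = \left(\frac{d}{q}\right) = \left(\frac{-1}{q}\right)^{(p-1)/2} \cdot \left(\frac{p}{q}\right) = (-1)^{(p-1)(q-1)/4} \cdot \left(\frac{p}{q}\right).$$

Here we have used that $-1$ is a square in $\mathbb{F}_q$ if and only if $4 \mid q - 1$, so that $\left(\frac{-1}{q}\right) = (-1)^{(q-1)/2}$.
The displayed formula, together with the equalities

$$\left(\frac{-1}{p}\right) = (-1)^{(p-1)/2} = \begin{cases} 1 & \text{if } p \equiv 1 \bmod 4 \\ -1 & \text{if } p \equiv -1 \bmod 4 \end{cases}$$

$$\left(\frac{2}{p}\right) = (-1)^{(p^2-1)/8} = \begin{cases} 1 & \text{if } p \equiv \pm 1 \bmod 8 \\ -1 & \text{if } p \equiv \pm 5 \bmod 8, \end{cases}$$

constitutes the quadratic reciprocity law. We have already proved the first equality, and the
second can be proved as follows. Let $\zeta$ be a primitive 8th root of 1 in an algebraic closure of
$\mathbb{F}_p$, and let $a = \zeta + \zeta^{-1}$. From $\zeta^4 = -1$, we see that

$$X^4 + 1 = (X^2 - \zeta^2)(X^2 - \zeta^{-2}) \quad \text{in } \mathbb{F}_p[X]$$

because the roots of both polynomials are $\pm\zeta$, $\pm\zeta^{-1}$. Therefore, $\zeta^2 + \zeta^{-2} = 0$, and so
$a^2 = 2$. When $p \equiv \pm 1 \bmod 8$, $\zeta^p + \zeta^{-p} = \zeta + \zeta^{-1}$, i.e., $a^p = a$, and so $1 = a^{p-1} =
2^{(p-1)/2} = \left(\frac{2}{p}\right)$. When $p \equiv \pm 5 \bmod 8$, $\zeta^p + \zeta^{-p} = \zeta^5 + \zeta^{-5} = -(\zeta + \zeta^{-1})$, i.e., $a^p = -a$,
and so $-1 = a^{p-1} = 2^{(p-1)/2} = \left(\frac{2}{p}\right)$.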
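
The reciprocity law and its two supplements are easy to confirm numerically for small primes. The Python sketch below computes the Legendre symbol by Euler's criterion and checks all three statements for odd primes below 200; the helper names `legendre` and `is_prime` and the bound 200 are arbitrary choices made for illustration.

```python
def is_prime(n):
    """Trial-division primality test, adequate for small n."""
    if n < 2:
        return False
    d = 2
    while d * d <= n:
        if n % d == 0:
            return False
        d += 1
    return True

def legendre(a, p):
    """Legendre symbol (a/p) for an odd prime p, via Euler's criterion."""
    s = pow(a, (p - 1) // 2, p)
    return -1 if s == p - 1 else s

odd_primes = [q for q in range(3, 200) if is_prime(q)]
checked = 0
for p in odd_primes:
    # Supplementary laws for -1 and 2.
    assert legendre(-1, p) == (-1) ** ((p - 1) // 2)
    assert legendre(2, p) == (-1) ** ((p * p - 1) // 8)
    for q in odd_primes:
        if q != p:
            # (q/p) = (-1)^((p-1)(q-1)/4) (p/q)
            sign = (-1) ** (((p - 1) // 2) * ((q - 1) // 2))
            assert legendre(q, p) == sign * legendre(p, q)
            checked += 1
```

This is a sanity check on the statement, not a substitute for the proof above.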

Computing Galois groups (the hard way) 

Let $f(X)$ be a polynomial over a field $K$, and let $\alpha_1, \ldots, \alpha_n$ be the roots of $f(X)$ in $K^{\mathrm{al}}$.
We want to determine the Galois group of $f$ as a subgroup of the group of permutations $S_n$
of $\{\alpha_1, \ldots, \alpha_n\}$.

Introduce variables $t_1, \ldots, t_n$. For any $\sigma \in S_n$ and polynomial $f(t_1, \ldots, t_n)$, define
$\sigma_t f = f(t_{\sigma(1)}, \ldots, t_{\sigma(n)})$. Let $\theta = \sum \alpha_i t_i$, and define a polynomial

$$F(X, t) = \prod (X - \sigma_t\theta) \quad (\text{product over } \sigma \in S_n).$$

The coefficients of this polynomial are symmetric polynomials in the $\alpha_i$, and so lie in $K$.
Now factor

$$F(X, t) = F_1(X, t) \cdots F_r(X, t)$$

in $K[X, t_1, \ldots, t_n]$.

Theorem 8.20 Let $G$ be the set of $\sigma \in S_n$ such that $\sigma_t$ fixes $F_1(X, t)$; then $G$ is the Galois
group of $f$.

PROOF. See van der Waerden, Algebra, Vol 1, §61 (Calculation of the Galois group). □

This theorem gives an algorithm (unfortunately impractical) for computing the Galois
group of a polynomial $f(X) \in \mathbb{Q}[X]$. We may suppose $f(X)$ to be monic with integer
coefficients. First find the roots of $f(X)$ to a high degree of accuracy. Then compute $F(X, t)$
exactly, noting that this has coefficients in $\mathbb{Z}$. Factor $F(X, t)$, and take one of the factors
$F_1(X, t)$. Finally list the elements $\sigma$ of $S_n$ such that $\sigma_t$ fixes $F_1(X, t)$. The problem with
this approach is that $F(X, t)$ has degree $n!$. It will probably work (on a computer) if $n \le 5$,
but otherwise it is like trying to compute a determinant directly from the definition as a sum
of products.


Computing Galois groups (the easy way) 

We now give a more practical procedure (also largely in van der Waerden with a more direct
proof).

Proposition 8.21 Let $f(X)$ be a monic separable polynomial of degree $n$ over a field $K$,
and suppose that the Galois group $G$ of $f(X)$ has $s$ orbits (as a group of permutations of
the roots of $f$) with $n_1, \ldots, n_s$ elements respectively (so that $n_1 + n_2 + \cdots + n_s = n$); then
there is a factorization

$$f(X) = f_1(X) \cdots f_s(X)$$

with $f_i(X)$ an irreducible polynomial in $K[X]$ of degree $n_i$.

PROOF. Write $f(X) = \prod (X - \alpha_i)$. For $S \subset \{1, 2, \ldots, n\}$, consider $f_S = \prod_{i \in S} (X - \alpha_i)$.
This polynomial divides $f(X)$, and it is fixed under the action of $G$ (and hence has
coefficients in $K$) if and only if $S$ is stable under $G$. Therefore the irreducible factors of $f(X)$ are
the polynomials $f_S$ with $S$ a minimal subset of $\{1, \ldots, n\}$ stable under $G$, but such sets $S$
are precisely the orbits of $G$ in $\{1, 2, \ldots, n\}$. □

Let $\sigma \in S_n$. In GT 4.26, it is proved that $\sigma$ is a product of disjoint cycles. More precisely,
if

$$o_1 = \{m_{11}, \ldots, m_{1n_1}\}, \quad o_2 = \{m_{21}, \ldots, m_{2n_2}\}, \quad \ldots$$

are the orbits of $\langle\sigma\rangle$ acting on $\{1, 2, \ldots, n\}$, numbered in such a way that $\sigma m_{ij} = m_{i\,j+1}$,
then

$$\sigma = (m_{11} \ldots m_{1n_1}) \cdot (m_{21} \ldots m_{2n_2}) \cdots.$$

This remark, together with (8.21), gives us the following result.

Corollary 8.22 Let $f(X)$ be a monic separable polynomial of degree $n$ over a finite field
$k$, and let $l$ be the splitting field of $f(X)$. Suppose that the Frobenius element $\sigma \in \mathrm{Gal}(l/k)$
(when regarded as a permutation of the roots of $f(X)$) is a product of disjoint cycles
$\sigma = c_1 \cdots c_s$ with $c_i$ of length $n_i$ (so that $\sum n_i = n$). Then $f(X)$ factors as a product of
irreducible polynomials in $k[X]$

$$f(X) = f_1(X) \cdots f_s(X)$$

with $f_i$ of degree $n_i$.

In other words, the type of the cycle decomposition of $\sigma$ can be read off from the
factorization of $f(X)$.

Theorem 8.23 (Dedekind) Let $f(X)$ be a polynomial of degree $n$ over a number field
$K$, and let $G$ be the Galois group of $f$. Assume $f(X) \in \mathcal{O}_K[X]$ and is monic. Let $\mathfrak{p}$ be a
prime ideal of $K$, and suppose that

$$f(X) \equiv f_1(X) \cdots f_r(X) \bmod \mathfrak{p}$$

with the $f_i$ distinct irreducible polynomials in $k[X]$ and $f_i$ of degree $n_i$, $k = \mathcal{O}_K/\mathfrak{p}$. Then
$G$ contains a permutation $\sigma$ that is a product of disjoint cycles of length $n_i$.

PROOF. Take $\sigma$ to be the Frobenius element of any prime lying over $\mathfrak{p}$; the hypothesis on
the factorization of $f(X) \bmod \mathfrak{p}$ implies that $\mathfrak{p}$ is unramified in the splitting field (because it
implies that $\mathfrak{p}$ doesn't divide the discriminant of $f$). □

Remark 8.24 There is a similar statement for real primes, namely, if

$$f(X) = f_1(X) \cdots f_r(X)$$

in $\mathbb{R}[X]$ with $f_1, \ldots, f_j$ of degree 2 and the remainder of degree 1, then $G$ contains a
permutation $\sigma$ that is a product of $j$ disjoint cycles of length 2.

This suggests the following strategy for determining the Galois group of a polynomial
$f(X) \in \mathbb{Q}[X]$: factor $f(X)$ modulo many primes $p$; discard the result if $f(X) \bmod p$ has multiple factors; continue
until a sequence of, say $n$, primes has yielded no new cycle types for the elements. Then
attempt to read off the type of the group from tables. We discuss how effective this is later.

Example 8.25 Let $f(X) = X^5 - X - 1$. Modulo 2 this factors as $(X^2 + X + 1)(X^3 +
X^2 + 1)$; modulo 3 it is irreducible. Hence $G$ contains $(12345)$ and $(ik)(lmn)$ for some
numbering of the roots. It also contains $((ik)(lmn))^3 = (ik)$, and this implies that $G = S_5$
(see 8.28 below).
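
The cycle types in Example 8.25 only require the degrees of the irreducible factors of $f$ modulo $p$, not the factors themselves. Below is a self-contained Python sketch that computes these degrees by distinct-degree factorization (taking gcds with $X^{p^d} - X$). It assumes $f \bmod p$ has no repeated factor and raises an error otherwise, matching the "discard the result" step of the strategy. All function names are illustrative; in practice one would simply call PARI's factormod.

```python
def trim(a):
    """Remove leading zero coefficients in place; a[i] is the coefficient of X^i."""
    while a and a[-1] == 0:
        a.pop()
    return a

def divmod_poly(a, b, p):
    """Quotient and remainder of a by b over F_p (b nonzero mod p)."""
    a = trim([c % p for c in a])
    b = trim([c % p for c in b])
    q = [0] * max(len(a) - len(b) + 1, 0)
    inv = pow(b[-1], -1, p)
    while len(a) >= len(b):
        c = a[-1] * inv % p
        shift = len(a) - len(b)
        q[shift] = c
        for i, bc in enumerate(b):
            a[shift + i] = (a[shift + i] - c * bc) % p
        trim(a)
    return q, a

def gcd_poly(a, b, p):
    """Monic gcd of a and b over F_p (not both zero)."""
    a = trim([c % p for c in a])
    b = trim([c % p for c in b])
    while b:
        a, b = b, divmod_poly(a, b, p)[1]
    inv = pow(a[-1], -1, p)
    return [c * inv % p for c in a]

def mulmod(a, b, f, p):
    """Product a*b reduced modulo f over F_p."""
    if not a or not b:
        return []
    prod = [0] * (len(a) + len(b) - 1)
    for i, ac in enumerate(a):
        for j, bc in enumerate(b):
            prod[i + j] = (prod[i + j] + ac * bc) % p
    return divmod_poly(prod, f, p)[1]

def powmod(a, e, f, p):
    """a**e modulo f over F_p, by repeated squaring."""
    result, a = [1], divmod_poly(a, f, p)[1]
    while e:
        if e & 1:
            result = mulmod(result, a, f, p)
        a = mulmod(a, a, f, p)
        e >>= 1
    return result

def factor_degrees(f, p):
    """Sorted degrees of the irreducible factors of f mod p (f squarefree mod p)."""
    f = trim([c % p for c in f])
    derivative = [i * c % p for i, c in enumerate(f)][1:]
    if len(gcd_poly(f, derivative, p)) > 1:
        raise ValueError("f has a repeated factor mod p; discard this prime")
    degrees, d, h = [], 0, [0, 1]            # h = X^(p^d) mod f
    while len(f) - 1 >= 2 * (d + 1):
        d += 1
        h = powmod(h, p, f, p)
        diff = trim([(x - y) % p for x, y in zip(h + [0, 0], [0, 1] + [0] * len(h))])
        g = gcd_poly(diff, f, p)             # product of the factors of degree d
        if len(g) > 1:
            degrees += [d] * ((len(g) - 1) // d)
            f = divmod_poly(f, g, p)[0]
            h = divmod_poly(h, f, p)[1]
    if len(f) > 1:
        degrees.append(len(f) - 1)           # what remains is irreducible
    return sorted(degrees)

f = [-1, -1, 0, 0, 0, 1]                     # X^5 - X - 1
cycle_types = {p: factor_degrees(f, p) for p in (2, 3)}
```

For $X^5 - X - 1$ this reproduces the degrees $\{2, 3\}$ modulo 2 and $\{5\}$ modulo 3 used in the example.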

Lemma 8.26 Let $H$ be a subgroup of $S_n$; if $H$ is transitive (for example, contains an
$n$-cycle) and contains an $(n - 1)$-cycle and a transposition, then $H = S_n$.

PROOF. After possibly renumbering, we may suppose that the $(n - 1)$-cycle is $(1\ 2\ 3\ \ldots\ n - 1)$.
By virtue of the transitivity, the transposition can be transformed into $(i\ n)$, some $i \le
n - 1$. Now the $(n - 1)$-cycle and its powers will transform this into $(1\ n), (2\ n), \ldots, (n - 1\ n)$,
and these elements obviously generate $S_n$ (because $S_n$ is generated by transpositions). □
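
For small $n$ the lemma can be checked by brute force: generate the subgroup of $S_n$ spanned by an $n$-cycle, an $(n - 1)$-cycle and a transposition, and count its elements. The Python sketch below does this for $n = 5$ with one arbitrary choice of generators; permutations are stored as tuples on $\{0, \ldots, n - 1\}$, and the helper names are illustrative.

```python
from math import factorial

def cycle(n, *points):
    """The permutation of {0, ..., n-1} given by the single cycle (points[0] points[1] ...)."""
    perm = list(range(n))
    for a, b in zip(points, points[1:] + points[:1]):
        perm[a] = b
    return tuple(perm)

def compose(s, t):
    """The permutation i -> s[t[i]]."""
    return tuple(s[i] for i in t)

def generated_group(generators):
    """All elements of the subgroup generated by the given permutations.

    In a finite group, closing under left multiplication by the generators
    is enough, because inverses are positive powers.
    """
    identity = tuple(range(len(generators[0])))
    seen, frontier = {identity}, [identity]
    while frontier:
        g = frontier.pop()
        for s in generators:
            h = compose(s, g)
            if h not in seen:
                seen.add(h)
                frontier.append(h)
    return seen

n = 5
H = generated_group([
    cycle(n, 0, 1, 2, 3, 4),   # an n-cycle, so H is transitive
    cycle(n, 0, 1, 2, 3),      # an (n-1)-cycle
    cycle(n, 1, 3),            # an arbitrary transposition
])
```

The resulting set has $5! = 120$ elements, as the lemma predicts.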

Example 8.27 Select monic polynomials of degree $n$, $f_1, f_2, f_3$ with coefficients in $\mathbb{Z}$
such that

(a) $f_1$ is irreducible modulo 2;

(b) $f_2 = (\text{degree } 1)(\text{irreducible of degree } n - 1) \bmod 3$;

(c) $f_3 = (\text{irreducible of degree } 2)(\text{product of one or two irreducible polynomials of odd
degree}) \bmod 5$. We need to choose $f_3$ to have distinct roots modulo 5.

Take

$$f = -15 f_1 + 10 f_2 + 6 f_3,$$

and let $G$ be the Galois group of $f$. Then

(a′) $G$ is transitive (it contains an $n$-cycle because of (a));

(b′) $G$ contains a cycle of length $n - 1$;

(c′) $G$ contains a transposition (because it contains the product of a transposition with a
commuting element of odd order).

The above lemma shows that $G = S_n$.
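
The coefficients $-15$, $10$, $6$ are chosen so that $f \equiv f_1 \bmod 2$, $f \equiv f_2 \bmod 3$ and $f \equiv f_3 \bmod 5$ (and $-15 + 10 + 6 = 1$ keeps $f$ monic). The Python sketch below carries this out for $n = 3$ with sample polynomials of my own choosing: $X^3 + X + 1$ has no root modulo 2, $X^2 + 1$ is irreducible modulo 3, and $X^2 + 2$ is irreducible modulo 5.

```python
def combine(f1, f2, f3):
    """Coefficients of -15*f1 + 10*f2 + 6*f3 (lists indexed by the power of X)."""
    return [-15 * a + 10 * b + 6 * c for a, b, c in zip(f1, f2, f3)]

def reduce_mod(f, p):
    """Reduce every coefficient of f modulo p."""
    return [c % p for c in f]

# Sample choices for n = 3 (assumptions made for illustration only):
f1 = [1, 1, 0, 1]   # X^3 + X + 1, irreducible mod 2
f2 = [0, 1, 0, 1]   # X^3 + X = X (X^2 + 1) mod 3
f3 = [0, 2, 0, 1]   # X^3 + 2X = X (X^2 + 2) mod 5, distinct roots

f = combine(f1, f2, f3)   # X^3 + 7X - 15
```

By the example, the polynomial $X^3 + 7X - 15$ obtained this way has Galois group $S_3$.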

Remark 8.28 There are other criteria for a subgroup $H$ of $S_n$ to be all of $S_n$. For example,
a subgroup $H$ of $S_p$, $p$ prime, that contains an element of order $p$ and a transposition is
equal to $S_p$ (FT, Lemma 4.15).

Remark 8.29 In Pohst and Zassenhaus 1989, p73, there are suggestions for constructing
irreducible polynomials $f(X)$ of degree $n$ in $\mathbb{F}_p[X]$. A root of such a polynomial will
generate $\mathbb{F}_q$, $q = p^n$, and so every such $f(X)$ will divide $X^q - X$. One can therefore find
all $f(X)$s by factoring $X^q - X$.

For example, consider $X^{125} - X \in \mathbb{F}_5[X]$. Its splitting field is $\mathbb{F}_{125}$, which has degree
3 over $\mathbb{F}_5$. The factors of $X^{125} - X$ are the minimum polynomials of the elements of
$\mathbb{F}_{125}$. They therefore have degree 1 or 3. There are 5 linear factors, $X$, $X - 1$, $X - 2$,
$X - 3$, $X - 4$, and 40 cubic factors, which constitute a complete list of all the monic
irreducible cubic polynomials in $\mathbb{F}_5[X]$. PARI has no trouble factoring $X^{125} - X$ modulo
5 (factormod(X^125-X,5)) or $X^{625} - X$ modulo 5, but for $X^{3125} - X$ modulo 5, which
gives a complete list of monic irreducible polynomials of degree 1 or 5 in $\mathbb{F}_5[X]$, I had to
increase the allocated memory (allocatemem(10000000)).

However, if you only want one irreducible polynomial of degree n, it is easier to write 
down a polynomial at random, and check whether it is irreducible. 
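
The count of 40 cubic factors can be confirmed without factoring $X^{125} - X$. The sketch below is an illustration in Python with invented function names. It lists the monic cubics over $\mathbb{F}_p$ that have no root in $\mathbb{F}_p$ (for a cubic this is the same as being irreducible), and compares the count with the standard Möbius-inversion formula $\frac{1}{n}\sum_{d \mid n} \mu(n/d)\, p^d$ for the number of monic irreducible polynomials of degree $n$.

```python
from itertools import product

def irreducible_monic_cubics(p):
    """All (c2, c1, c0) with X^3 + c2 X^2 + c1 X + c0 irreducible over F_p.
    A cubic over a field is irreducible exactly when it has no root there."""
    return [
        (c2, c1, c0)
        for c2, c1, c0 in product(range(p), repeat=3)
        if all((x**3 + c2 * x * x + c1 * x + c0) % p for x in range(p))
    ]

def mobius(m):
    """Moebius function by trial division."""
    result, q = 1, 2
    while q * q <= m:
        if m % q == 0:
            m //= q
            if m % q == 0:
                return 0                     # m has a square factor
            result = -result
        q += 1
    return -result if m > 1 else result

def count_monic_irreducibles(p, n):
    """Number of monic irreducible polynomials of degree n over F_p."""
    return sum(mobius(n // d) * p**d for d in range(1, n + 1) if n % d == 0) // n

print(len(irreducible_monic_cubics(5)))      # 40
print(count_monic_irreducibles(5, 3))        # 40
print(count_monic_irreducibles(5, 5))        # 624
```

The last line says that $X^{3125} - X$ has 624 quintic factors besides the 5 linear ones, which accounts for the full degree: $5 + 5 \cdot 624 = 3125$.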

Cubic polynomials 

The group $S_3$ has the following subgroups:

order   group   group elements
1       1       1
2       $C_2$   $1 \times 1 + 1 \times 2$
3       $A_3$   $1 \times 1 + 2 \times 3$
6       $S_3$   $1 \times 1 + 3 \times 2 + 2 \times 3$

By the last row, I mean $S_3$ has one 1-cycle, three 2-cycles, and two 3-cycles.

Note that any subgroup of $S_3$ containing cycles of length 2 and 3 is the whole of $S_3$; thus
if $f$ is irreducible modulo some prime and has an irreducible factor of degree 2 modulo a
second prime, then its Galois group is $S_3$. On the other hand, if factorizing $f$ modulo many
primes doesn't turn up a factor of degree 2, but $f$ is irreducible, then expect the Galois group
of $f$ to be $A_3$. This can be checked by seeing whether disc($f$) is a square. For example,
the calculations in Examples 3.48 and 3.49 show that the polynomials $X^3 + 10X + 1$ and
$X^3 - 8X + 15$ both have Galois group $S_3$.
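
The discriminant test for cubics is easy to automate. Here is a small Python sketch, using the classical formula for the discriminant of $aX^3 + bX^2 + cX + d$; the helper names are mine, and the function assumes that the cubic has already been shown to be irreducible over $\mathbb{Q}$.

```python
from math import isqrt

def cubic_disc(a, b, c, d):
    """Discriminant of a X^3 + b X^2 + c X + d."""
    return (b * b * c * c - 4 * a * c**3 - 4 * b**3 * d
            - 27 * a * a * d * d + 18 * a * b * c * d)

def is_square(n):
    return n >= 0 and isqrt(n) ** 2 == n

def galois_group_of_irreducible_cubic(a, b, c, d):
    """'A_3' if the discriminant is a square, else 'S_3' (irreducibility assumed)."""
    return "A_3" if is_square(cubic_disc(a, b, c, d)) else "S_3"

print(cubic_disc(1, 0, 10, 1), galois_group_of_irreducible_cubic(1, 0, 10, 1))    # -4027 S_3
print(cubic_disc(1, 0, -8, 15), galois_group_of_irreducible_cubic(1, 0, -8, 15))  # -4027 S_3
print(cubic_disc(1, 0, -3, 1), galois_group_of_irreducible_cubic(1, 0, -3, 1))    # 81 A_3
```

Both polynomials named in the text have discriminant $-4027$, which is negative and so not a square; $X^3 - 3X + 1$ is included as a contrasting case with square discriminant.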

To make this more effective (in the technical sense), we need the Chebotarev density 
theorem. 

Chebotarev density theorem 

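Definition 8.30 Let $S$ be a set of finite primes in a number field $K$, and let $P$ be the set
of all finite primes. We say that $S$ has natural density $\delta$ if

$$\lim_{N \to \infty} \frac{|\{\mathfrak{p} \in S \mid \mathbb{N}\mathfrak{p} \le N\}|}{|\{\mathfrak{p} \mid \mathbb{N}\mathfrak{p} \le N\}|} = \delta.$$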

Theorem 8.31 (Chebotarev density theorem) Let $L$ be a finite Galois extension
of the number field $K$, with Galois group $G$, and let $C$ be a conjugacy class in $G$. The set of
prime ideals $\mathfrak{p}$ of $K$ such that $(\mathfrak{p}, L/K) = C$ has density $\delta = |C|/|G|$.

PROOF. See my notes CFT (in fact, normally one proves this result with a slightly weaker
notion of density). □

For example, if $G$ is abelian, then for each $\sigma \in G$, the set of $\mathfrak{p}$ such that
$(\mathfrak{p}, L/K) = \sigma$ has density $1/|G|$.

Corollary 8.32 The primes that split in $L$ have density $1/[L : K]$. In particular, there
exist infinitely many primes of $K$ splitting in $L$.

Remark 8.33 There is a bound for the error implicit in (8.31) in terms of the discriminant
of the polynomial, but it is large. The existence of the bound has the following consequence:
given a polynomial $f(X) \in \mathbb{Q}[X]$ (say), there exists a bound $B$ such that, if a given cycle
type doesn't occur as the Frobenius element of some $p \le B$, then it doesn't occur at all. For
a discussion of the effective version of the Chebotarev density theorem, see Lagarias and
Odlyzko, 1977.⁴

Example 8.34 Let $K = \mathbb{Q}[\zeta_n]$. Then $\mathrm{Gal}(K/\mathbb{Q}) = (\mathbb{Z}/n\mathbb{Z})^\times$ and $(p, K/\mathbb{Q}) = [p]$. The
Chebotarev density theorem says that the primes are equidistributed among the congruence
classes. In other words, each of the arithmetic progressions

$$k,\ k + n,\ k + 2n,\ k + 3n, \ldots \qquad \gcd(k, n) = 1,$$

contains $1/\varphi(n)$ of the primes. In particular, each of the arithmetic progressions contains
infinitely many primes. This statement was conjectured by Legendre and proved by Dirichlet
(using Dirichlet series). The proof of the Chebotarev density theorem is a generalization of
that of Dirichlet.
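
The equidistribution in Example 8.34 is visible numerically, although convergence is slow. The following Python sketch (an illustration only; the function names are mine) counts the primes up to a bound in each residue class modulo $n$ that is prime to $n$.

```python
from collections import Counter
from math import gcd, isqrt

def primes_up_to(n):
    """Sieve of Eratosthenes."""
    sieve = bytearray([1]) * (n + 1)
    sieve[0] = sieve[1] = 0
    for i in range(2, isqrt(n) + 1):
        if sieve[i]:
            sieve[i * i :: i] = bytes(len(range(i * i, n + 1, i)))
    return [i for i in range(2, n + 1) if sieve[i]]

def prime_counts_by_residue(n, bound):
    """Number of primes p <= bound in each class k mod n with gcd(k, n) = 1."""
    counts = Counter(p % n for p in primes_up_to(bound) if gcd(p, n) == 1)
    return {k: counts[k] for k in range(n) if gcd(k, n) == 1}

print(prime_counts_by_residue(4, 100))       # {1: 11, 3: 13}
print(prime_counts_by_residue(10, 100000))   # four classes, each near 1/4 of the total
```

For $n = 4$ and primes up to 100 the two classes hold 11 and 13 primes; with larger bounds the proportions approach $1/\varphi(n)$ for every $n$.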


Example 8.35 In a quadratic extension, half the primes split and half the primes remain 
prime. 

Example 8.36 Let $f$ be a cubic polynomial with coefficients in $\mathbb{Q}$. The Chebotarev
density theorem implies the following statements (see the above table):

$G = 1$: $f$ splits modulo all primes.

$G = C_2$: $f$ splits for 1/2 of the primes and has an irreducible factor of degree 2 for 1/2
of the primes.

$G = A_3$: $f$ splits for 1/3 of the primes and $f$ remains irreducible for 2/3 of the primes.

$G = S_3$: $f$ splits for 1/6 of the primes, has a factor of degree 2 for 1/2 of the primes,
and remains irreducible for 1/3 of the primes.


Example 8.37 Let $f$ be a quartic polynomial with no linear factor.

(a) When disc($f$) is a square, the possible Galois groups are:

order   group   elements
2       $C_2$   $1 \times 1 + 1 \times 2^2$
4       $V_4$   $1 \times 1 + 3 \times 2^2$
12      $A_4$   $1 \times 1 + 3 \times 2^2 + 8 \times 3$

(b) When disc($f$) is not a square, the possible Galois groups are:

order   group   elements
4       $C_4$   $1 \times 1 + 1 \times 2^2 + 2 \times 4$
8       $D_8$   $1 \times 1 + 2 \times 2 + 3 \times 2^2 + 2 \times 4$
24      $S_4$   $1 \times 1 + 3 \times 2^2 + 6 \times 2 + 8 \times 3 + 6 \times 4$

See FT, Chapter 4. Thus if $f$ is a polynomial of degree 4 with Galois group $D_8$, then it will
split modulo $p$ for 1/8 of the primes, factor as the product of a quadratic and two linear
polynomials for 1/4 of the primes, factor as the product of two quadratics for 3/8 of the
primes, and remain irreducible for 1/4 of the primes.
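
The densities quoted for $D_8$ are just the proportions of elements of each cycle type, so they can be recomputed from generators. The Python sketch below is an illustration with invented names: it generates a permutation group from a list of generators (permutations of $\{0, \ldots, n-1\}$ written as tuples) and tabulates the cycle types. The choice of a 4-cycle and a transposition as generators of $D_8$ inside $S_4$ is an assumption made for the example.

```python
from collections import Counter
from fractions import Fraction

def compose(s, t):
    """The permutation i -> s[t[i]]."""
    return tuple(s[i] for i in t)

def generate(gens):
    """Closure of the generators under multiplication (enough for a finite group)."""
    identity = tuple(range(len(gens[0])))
    group, frontier = {identity}, [identity]
    while frontier:
        g = frontier.pop()
        for s in gens:
            h = compose(s, g)
            if h not in group:
                group.add(h)
                frontier.append(h)
    return group

def cycle_type(perm):
    """Sorted tuple of cycle lengths, fixed points included."""
    seen, lengths = set(), []
    for i in range(len(perm)):
        n, j = 0, i
        while j not in seen:
            seen.add(j)
            j = perm[j]
            n += 1
        if n:
            lengths.append(n)
    return tuple(sorted(lengths))

def cycle_type_densities(gens):
    group = generate(gens)
    counts = Counter(cycle_type(g) for g in group)
    return {t: Fraction(c, len(group)) for t, c in counts.items()}

# D_8 inside S_4: the 4-cycle (0 1 2 3) and the transposition (0 2).
d8 = cycle_type_densities([(1, 2, 3, 0), (2, 1, 0, 3)])
for t in sorted(d8):
    print(t, d8[t])
```

By the Chebotarev density theorem, the fraction attached to the cycle type $(1,1,1,1)$ is the density of primes where $f$ splits, $(1,1,2)$ corresponds to a quadratic times two linear factors, $(2,2)$ to two quadratics, and $(4)$ to $f$ remaining irreducible.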

4 Lagarias, J. C.; Odlyzko, A. M. Effective versions of the Chebotarev density theorem. Algebraic number 
fields: L-functions and Galois properties (Proc. Sympos., Univ. Durham, Durham, 1975), pp. 409-464. 
Academic Press, London, 1977.

For a similar table for polynomials of degree 5, see Pohst and Zassenhaus 1989, p132.
One strategy for determining the Galois group of a polynomial is

(a) test whether $f$ is irreducible over $\mathbb{Q}$;

(b) compute the discriminant of $f$;

(c) factor $f$ modulo good primes (i.e., those not dividing the discriminant) until you seem
to be getting no new cycle types;

(d) compute the orbit lengths on the $r$-sets of roots (these are the degrees of the irreducible
factors in $\mathbb{Q}[X]$ of the polynomial whose roots are the sums of $r$ roots of $f$);

(e) ad hoc methods.

As late as 1984, it had not been proved that the Mathieu group $M_{11}$ occurs as a Galois group
over $\mathbb{Q}$ ($M_{11}$ is a subgroup of $S_{11}$ of order $11!/5040 = 7920$).

Applications of the Chebotarev density theorem

We now discuss some other applications of the Chebotarev density theorem. 

For any extension $L/K$ of number fields, write $\mathrm{Spl}(L/K)$ for the set of primes that split
completely in $L$, and write $\mathrm{Spl}'(L/K)$ for the set of primes that have at least one split factor.
Then $\mathrm{Spl}(L/K) \subset \mathrm{Spl}'(L/K)$ always, and equality holds if $L/K$ is Galois, in which case
the Chebotarev density theorem shows that $\mathrm{Spl}(L/K)$ has density $1/[L : K]$.

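Theorem 8.38 If $L$ and $M$ are Galois over $K$, then

$$L \subset M \iff \mathrm{Spl}(L/K) \supset \mathrm{Spl}(M/K).$$

PROOF. $\Rightarrow$: This is obvious.

$\Leftarrow$: We have

$$\mathrm{Spl}(LM/K) = \mathrm{Spl}(L/K) \cap \mathrm{Spl}(M/K).$$

To see this, note that

$$\mathfrak{p} \in \mathrm{Spl}(LM/K) \iff (\mathfrak{p}, LM/K) = 1 \iff (\mathfrak{p}, LM/K)|L = 1 \text{ and } (\mathfrak{p}, LM/K)|M = 1;$$

but $(\mathfrak{p}, LM/K)|L = (\mathfrak{p}, L/K)$ and $(\mathfrak{p}, LM/K)|M = (\mathfrak{p}, M/K)$. Now

$$\mathrm{Spl}(M/K) \subset \mathrm{Spl}(L/K) \implies \mathrm{Spl}(LM/K) = \mathrm{Spl}(M/K) \overset{8.32}{\implies} [LM : K] = [M : K] \implies L \subset M.$$
□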

Corollary 8.39 If $L$ and $M$ are Galois over $K$, then

$$L = M \iff \mathrm{Spl}(M/K) = \mathrm{Spl}(L/K).$$

PROOF. Obvious from the Proposition. □

Remark 8.40 (a) In fact, $L = M$ if $\mathrm{Spl}(M/K)$ and $\mathrm{Spl}(L/K)$ differ by at worst a finite
set of primes (or if they differ by at worst a set of primes of density zero).

(b) The effective form of the Chebotarev density theorem shows that (8.38) is effective:
in order to show that $L \subset M$ it suffices to check that

$$\mathfrak{p} \text{ splits in } M \implies \mathfrak{p} \text{ splits in } L$$

for all primes $\mathfrak{p}$ less than some bound.

(c) Corollary 8.39 is not true without the Galois assumptions: there exist nonisomorphic
extensions $L$ and $M$ of $\mathbb{Q}$ such that $\mathrm{Spl}(L/\mathbb{Q}) = \mathrm{Spl}(M/\mathbb{Q})$. In fact there exist
nonisomorphic extensions $L$ and $M$ of $\mathbb{Q}$ of the same degree such that

• $L$ and $M$ have the same discriminant;

• a prime $p$ not dividing the common discriminant decomposes in exactly the same way
in the two fields.

(d) It is clear from (8.39) that if a separable polynomial $f(X) \in K[X]$ splits into linear
factors mod $\mathfrak{p}$ for all but finitely many primes $\mathfrak{p}$ of $K$, then $f(X)$ splits into linear factors in
$K[X]$. With a little more work, one can show that an irreducible polynomial $f(X) \in K[X]$
cannot have a root mod $\mathfrak{p}$ for all but a finite number of primes. This last statement is false
for reducible polynomials; consider for example,

$$(X^2 - 2)(X^2 - 3)(X^2 - 6).$$

For more on these questions, see Exercise 6, p361, of Algebraic number theory. Proceedings
of an instructional conference organized by the London Mathematical Society. Edited by
J. W. S. Cassels and A. Fröhlich. Academic Press, London; Thompson Book Co., Inc.,
Washington, D.C. 1967.

(e) It is easy to give examples of polynomials $f(X)$ that are irreducible over $\mathbb{Q}$ but
become reducible over $\mathbb{Q}_p$ for all $p$, including $p = \infty$. Since the Galois group of any
extension of local fields is solvable, one only has to choose $f$ to have nonsolvable Galois
group, for example, $S_n$ for $n \ge 5$.
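
The reducible example in (d) can be checked by brute force for small primes. The Python sketch below is an illustration with names of my own choosing. The underlying reason is that the product of two nonsquares modulo $p$ is a square, so at least one of 2, 3, 6 is a square modulo every prime; for contrast, the irreducible factor $X^2 - 2$ alone already fails at $p = 3$.

```python
def is_prime(n):
    return n >= 2 and all(n % q for q in range(2, int(n**0.5) + 1))

def has_root_mod(poly, p):
    """True if the integer-valued function poly has a zero in Z/pZ."""
    return any(poly(x) % p == 0 for x in range(p))

def product_poly(x):
    return (x * x - 2) * (x * x - 3) * (x * x - 6)

def single_factor(x):
    return x * x - 2

primes = [p for p in range(2, 500) if is_prime(p)]
print(all(has_root_mod(product_poly, p) for p in primes))             # True
print([p for p in primes[:10] if not has_root_mod(single_factor, p)]) # [3, 5, 11, 13, 19, 29]
```

The product has a root modulo every prime tested, although it has no rational root since none of 2, 3, 6 is a rational square.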

Example 8.41 Fix a number field $K$. According to (8.39), a Galois extension $L$ of $K$
is determined by the set $\mathrm{Spl}(L/K)$. Thus, in order to classify the Galois extensions of
$K$, it suffices to classify the sets of primes in $K$ that can occur as $\mathrm{Spl}(L/K)$. For abelian
extensions of $K$, class field theory does this; see CFT (they are determined by congruence
conditions). For nonabelian extensions the sets are still a mystery (it is known that they are
not determined by congruence conditions), but Langlands's conjectures shed some light.

Finiteness Theorems

Theorem 8.42 For any number field $K$, integer $N$, and finite set of primes $S$ of $K$,
there are only finitely many fields $L \supset K$ unramified outside $S$ and of degree $N$ (up to
$K$-isomorphism of course).

PROOF. Recall (7.64) that for any prime $v$ and integer $N$, there are only finitely many
extensions of $K_v$ of degree dividing $N$. Next

$$\mathrm{disc}(L/K) = \prod_{w \mid v} \mathrm{disc}(L_w/K_v)$$

in an obvious sense. This follows from the isomorphism (19). Because we are assuming that
$L$ is ramified only at primes in $S$, the product on the right is over the primes $w$ dividing a
prime $v$ in $S$. Therefore $\mathrm{disc}(L/K)$ is bounded, and we can apply the following classical
result. □

Theorem 8.43 (Hermite 1857) There are only finitely many number fields with a given
discriminant (up to isomorphism).

PROOF. Recall (4.3) that, for an extension $K$ of $\mathbb{Q}$ of degree $n$, there exists a set of
representatives for the ideal class group of $K$ consisting of integral ideals $\mathfrak{a}$ with

$$\mathbb{N}(\mathfrak{a}) \le \frac{n!}{n^n} \left(\frac{4}{\pi}\right)^{s} |\mathrm{disc}_{K/\mathbb{Q}}|^{1/2}.$$

Here $s$ is the number of conjugate pairs of nonreal complex embeddings of $K$. Since
$\mathbb{N}(\mathfrak{a}) \ge 1$, this implies that

$$|\mathrm{disc}_{K/\mathbb{Q}}| \ge \left(\frac{\pi}{4}\right)^{2s} \left(\frac{n^n}{n!}\right)^{2}.$$

Since $2s \le n$ and $(\pi/4)^{n} (n^n/n!)^2 \to \infty$ as $n \to \infty$ (by Stirling's formula, if it isn't
obvious), we see that if we bound $|\mathrm{disc}_{K/\mathbb{Q}}|$ then we bound $n$. Thus, it remains to show
that, for a fixed $n$, there are only finitely many number fields with a given discriminant $d$.
Let $D = |d|$. Let $\sigma_1, \ldots, \sigma_r$ be the embeddings of $K$ into $\mathbb{R}$, and let
$\sigma_{r+1}, \bar\sigma_{r+1}, \ldots, \sigma_{r+s}, \bar\sigma_{r+s}$ be the complex embeddings.
Consider the map

$$\sigma\colon K \to \mathbb{R}^{r+2s}, \quad x \mapsto (\sigma_1(x), \ldots, \sigma_r(x), \Re\sigma_{r+1}(x), \Im\sigma_{r+1}(x), \ldots).$$

In the case that $r \ne 0$, define $X$ to be the set of $n$-tuples $(x_1, \ldots, x_r, y_{r+1}, z_{r+1}, \ldots)$ such
that $|x_i| < C_i$ and $y_j^2 + z_j^2 < 1$, where $C_1 = \sqrt{D + 1}$ and $C_i = 1$ for $i \ne 1$. In the contrary
case, define $Y$ to be the set of $n$-tuples $(y_1, z_1, \ldots)$ such that $|y_1| < 1$, $|z_1| < D + 1$, and
$y_i^2 + z_i^2 < 1$ for $i > 1$. One checks easily that the volume of $X$ is

$$\mu(X) = 2^r \pi^s \sqrt{1 + D},$$

with a similar formula for $\mu(Y)$, and so both quotients $\mu(X)/2^r\sqrt{D}$ and $\mu(Y)/\sqrt{D}$ are
greater than 1. By Minkowski's Theorem (4.19), there exist nonzero integers in $K$ that are
mapped into $X$ or $Y$, according to the case. Let $\alpha$ be one of them. Since its conjugates are
absolutely bounded by a constant depending only on $D$, the coefficients of the minimum
polynomial of $\alpha$ over $\mathbb{Q}$ are bounded, and so there are only finitely many possibilities for
$\alpha$. We shall complete the proof by showing that $K = \mathbb{Q}[\alpha]$. If $r \ne 0$, then $\sigma_1\alpha$ is the only
conjugate of $\alpha$ lying outside the unit circle (if it didn't lie outside, then
$\mathrm{Nm}_{K/\mathbb{Q}}(\alpha) < 1$). If $r = 0$, then $\sigma_1\alpha$ and $\bar\sigma_1\alpha$ are the only conjugates of $\alpha$ with this
property, and $\sigma_1\alpha \ne \bar\sigma_1\alpha$ since otherwise every conjugate of $\alpha$ would lie on the unit
circle. Thus, in both cases, there exists a conjugate of $\alpha$ that is distinct from all other
conjugates, and so $\alpha$ generates $K$. □
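
The first step of the proof, that bounding the discriminant bounds the degree, can be made numerical. The proof gives $|\mathrm{disc}_{K/\mathbb{Q}}| \ge (\pi/4)^{2s}(n^n/n!)^2$, and since $2s \le n$ and $\pi/4 < 1$ the right side is at least $(\pi/4)^n (n^n/n!)^2$. The Python sketch below (floating point, illustrative names of my own) evaluates this weaker bound and finds the largest degree compatible with a given value of $|\mathrm{disc}|$.

```python
from math import factorial, pi

def disc_lower_bound(n):
    """(pi/4)^n (n^n/n!)^2, a lower bound for |disc| in degree n (uses 2s <= n)."""
    return (pi / 4) ** n * (n**n / factorial(n)) ** 2

def max_degree(D):
    """Largest n whose lower bound does not exceed D (the bound increases with n)."""
    n = 1
    while disc_lower_bound(n + 1) <= D:
        n += 1
    return n

for n in range(1, 7):
    print(n, round(disc_lower_bound(n), 2))
print(max_degree(23))       # 3
```

The ratio of consecutive values is $(1 + 1/n)^{2n} \cdot \pi/4 \ge 4 \cdot \pi/4 > 1$, so the bound is strictly increasing, which is what `max_degree` relies on. For instance, a field with $|\mathrm{disc}| \le 23$ has degree at most 3.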


Exercises 

8-1 Let $K = \mathbb{Q}[\alpha]$ where $\alpha$ is a root of $X^3 - X^2 - 2X - 8$. Show that there are three
extensions of the 2-adic absolute value to $K$. Deduce that $2 \mid \mathrm{disc}(\mathbb{Z}[\alpha]/\mathbb{Z})$ but not
$\mathrm{disc}(\mathcal{O}_K/\mathbb{Z})$.

8-2 Let $L$ be a finite Galois extension of the local field $K$, and let $G_i$, $i \ge 0$, be the $i$th
ramification group. Let $\Pi$ generate the maximal ideal in $\mathcal{O}_L$. For $\sigma \in G_i$, write
$\sigma\Pi = \Pi + a(\sigma)\Pi^{i+1}$, and consider the map $G_i \to l$, $\sigma \mapsto a(\sigma) \bmod (\Pi)$, where
$l = \mathcal{O}_L/(\Pi)$. Show that this is a homomorphism (additive structure on $l$) if and only if $i > 0$.

8-3 * “It is a thought-provoking question that few graduate students would know how to
approach the question of determining the Galois group of, say,⁵

$$X^6 + 2X^5 + 3X^4 + 4X^3 + 5X^2 + 6X + 7.\text{”}$$

(a) Can you find it?

(b) Can you find it without using a computer?

8-4 Let $K = k(X)$ where $k$ is a finite field. Assume that every absolute value of $K$ comes
from a prime ideal of $k[X]$ or $k[X^{-1}]$, and prove the product formula.


And after the first year [as an undergraduate at Göttingen] I went home with
Hilbert’s Zahlbericht under my arm, and during the summer vacation I worked 
my way through it — without any previous knowledge of elementary number 
theory or Galois theory. These were the happiest months of my life, whose 
shine, across years burdened with our common share of doubt and failure, still 
comforts my soul. 

Hermann Weyl, Bull. Amer. Math. Soc. 50 (1944), 612-654. 


5 I don't remember where this quote is from.




Appendix 


Solutions to the Exercises 


0-1. Use that $\alpha = m + n\sqrt{d}$ is an algebraic integer if and only if $\mathrm{Tr}(\alpha) = 2m \in \mathbb{Z}$ and
$\mathrm{Nm}(\alpha) = m^2 - n^2 d \in \mathbb{Z}$.

0-2. Similar to Exercise 2-1 below.

1-1. (a) Let $S = A \smallsetminus \bigcup_i \mathfrak{p}_i$ with the $\mathfrak{p}_i$ prime ideals.

$$x, y \in S \iff \forall i,\ x, y \notin \mathfrak{p}_i \iff \forall i,\ xy \notin \mathfrak{p}_i \iff xy \in S.$$

Let $a \notin S$. Then $(a) \cap S = \emptyset$ because $S$ is saturated. Let $I$ be maximal among the ideals
of $A$ containing $a$ and disjoint from $S$ (it exists by Zorn's Lemma). I'll show that $I$ is prime.
Suppose $xy \in I$.

If $x \notin I$, then $I + (x)$ properly contains $I$, and so $(I + (x)) \cap S$ is nonempty; let
$c + ax \in S$ with $c \in I$ and $a \in A$.

Similarly, if $y \notin I$, there exists $c' + a'y \in S$.

But $(c + ax)(c' + a'y) \in I$, which is not possible because $S$ is multiplicative. Therefore
$x$ or $y \in I$, and so $I$ is prime.

(b) Given $S$, let $S' = \{x \in A \mid \exists y \in A \text{ such that } xy \in S\}$; verify that it is multiplicative
and saturated, and is the smallest such set containing $S$; moreover, it is a union of the prime
ideals not meeting $S$, and $S^{-1}M \cong S'^{-1}M$ for all $A$-modules. For the final statement, use
that $\mathfrak{p}$ remains prime in $S^{-1}A$ if and only if $S \cap \mathfrak{p} = \emptyset$.

[Cf. Bourbaki, Alg. Comm., 1961, II, Ex. §2, no. 1, and Atiyah and MacDonald, Chapt. 
3, no. 7.] 

2-1. By inspection, $4 = 2 \cdot 2 = (3 + \sqrt{5})(3 - \sqrt{5})$. We have to show that 2, $3 + \sqrt{5}$, and
$3 - \sqrt{5}$ are irreducible, and 2 is not an associate of the other two.

If $2 = \alpha\beta$ then $4 = \mathrm{Nm}(2) = \mathrm{Nm}(\alpha) \cdot \mathrm{Nm}(\beta)$, from which it follows that $\mathrm{Nm}(\alpha) = \pm 1$,
$\pm 2$, or $\pm 4$. If $\mathrm{Nm}(\alpha) = \pm 1$, $\alpha$ is a unit (with inverse $\pm$ its conjugate); by looking mod 5, one
sees that $\mathrm{Nm}(\alpha) = \pm 2$ is impossible; if $\mathrm{Nm}(\alpha) = \pm 4$, then $\beta$ is a unit. Hence 2 can't be
factored into a product of nonunits. The same argument applies to the other two elements.

If 2 and $3 + \sqrt{5}$ were associates, then there would be a unit $m + n\sqrt{5}$ in $\mathbb{Z}[\sqrt{5}]$ such
that $3 + \sqrt{5} = 2(m + n\sqrt{5})$, but this is impossible.

2-2. Suppose $f(X) = \prod g_i(X)$ with $g_i(X)$ irreducible in $K[X]$. Let $\alpha$ be a root of $g_i(X)$
in some extension field. Then $g_i(X)$ is the minimum polynomial of $\alpha$ over $K$. Because $\alpha$ is
a root of $f(X)$, it is integral over $A$, and so $g_i(X)$ has coefficients in $A$ (by 2.9).

2-3. Consider first the case that $L = K[\alpha]$, $\alpha^p = a \in K$.

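2-4. Clearly 2 does not divide $1 + \sqrt{-3}$ in $\mathbb{Z}[\sqrt{-3}]$, and so $\mathfrak{a} \ne (2)$, but

$$\mathfrak{a}^2 = (4,\ 2 + 2\sqrt{-3},\ -2 + 2\sqrt{-3}) = (4,\ 2 + 2\sqrt{-3}) = (2)(2,\ 1 + \sqrt{-3}) = (2)\mathfrak{a}.$$

If there were unique factorization into products of prime ideals, then

$$\mathfrak{a}\mathfrak{b} = \mathfrak{a}\mathfrak{c},\ \mathfrak{a} \ne 0 \implies \mathfrak{b} = \mathfrak{c}.$$

We have shown that the ring $\mathbb{Z}[\sqrt{-3}]$ doesn't have this property.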

2-5. Let $\alpha \in A[\beta] \cap A[\beta^{-1}]$. By hypothesis, we can write

$$\alpha = a_0 + a_1\beta + \cdots + a_m\beta^m$$
$$\alpha = b_0 + b_1\beta^{-1} + \cdots + b_n\beta^{-n}.$$

Let $M$ be the $A$-submodule of $B$ generated by $\{\beta^{-n}, \ldots, 1, \ldots, \beta^m\}$. From the first equation,
we find that $\alpha\beta^{-i} \in M$, $0 \le i \le n$, and from the second equation we find that $\alpha\beta^{j} \in M$,
$0 \le j \le m$. We can apply (2.4) to deduce that $\alpha$ is integral over $A$.

2-6. (a) Check easily that the products $\alpha_i\alpha_j$, $i \ne j$, are divisible by 3, and this implies that
$(\sum \alpha_i)^n \equiv \sum \alpha_i^n \bmod 3$. The rest is easy.

(b) Using Gauss's Lemma, one finds that $X \mapsto \alpha\colon \mathbb{Z}[X] \to \mathbb{Z}[\alpha]$ defines an isomorphism
$\mathbb{Z}[X]/(f(X)) \simeq \mathbb{Z}[\alpha]$. Hence

$$3 \mid g(\alpha) \iff \exists h \in \mathbb{Z}[X] \text{ s.t. } f \mid g - 3h \iff \bar{f} \mid \bar{g}.$$

(c) OK.

(d) Since $\mathbb{F}_3$ has only 3 elements, there are only 3 monic polynomials of degree 1.

This result can be proved more easily by using Dedekind's theorem 8.23. The prime 3 splits
completely in $K$, and so, if $\mathcal{O}_K = \mathbb{Z}[\alpha]$, then the minimum polynomial of $\alpha$ would have to
have 4 distinct factors modulo 3. Dedekind's example 2.38 can be proved similarly.

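2-7. Let $b/s \in S^{-1}B$ with $b \in B$ and $s \in S$. Then

$$b^n + a_1 b^{n-1} + \cdots + a_n = 0$$

for some $a_i \in A$, and so

$$\left(\frac{b}{s}\right)^n + \frac{a_1}{s}\left(\frac{b}{s}\right)^{n-1} + \cdots + \frac{a_n}{s^n} = 0.$$

Therefore $b/s$ is integral over $S^{-1}A$. This shows that $S^{-1}B$ is contained in the integral
closure of $S^{-1}A$. For the converse, let $b/s$ ($b \in B$, $s \in S$) be integral over $S^{-1}A$. Then

$$\left(\frac{b}{s}\right)^n + \frac{a_1}{s_1}\left(\frac{b}{s}\right)^{n-1} + \cdots + \frac{a_n}{s_n} = 0$$

for some $a_i \in A$ and $s_i \in S$. On multiplying this equation by $s^n s_1 \cdots s_n$, we find that
$s_1 \cdots s_n b \in B$, and therefore that $b/s = s_1 \cdots s_n b / s s_1 \cdots s_n \in S^{-1}B$.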

3-1. It is not a Dedekind domain because it has a chain of prime ideals

$$(X, Y) \supset (X) \supset (0).$$

3-2. From Galois theory (or playing around, or from PARI) find that $(\sqrt{3} + \sqrt{7})/2$ is a root
of the polynomial $X^4 - 5X^2 + 1$.

3-4. Let $A = k[X^2, X^3] \subset k[X]$. As $k[X] = k[X^2] \cdot 1 + k[X^2] \cdot X$, it is a Noetherian
$k[X^2]$-module. Therefore, an ideal in $A$ is finitely generated when regarded as a $k[X^2]$-module,
and a fortiori as an $A$-module. Thus $A$ is Noetherian. If $\mathfrak{p}$ is a nonzero prime ideal of $A$, then
$\mathfrak{p}$ contains a nonzero polynomial, and so $A/\mathfrak{p}$ is a finite-dimensional vector space over $k$.
Since it is an integral domain, it must be a field (see 3.30), and so $\mathfrak{p}$ is maximal. The element
$X$ of $k(X)$ is integral over $A$ because it is a root of the polynomial $T^2 - X^2 \in A[T]$, but
$X \notin A$. Therefore $A$ is not integrally closed.


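4-1. For example, take $B = k[X, Y] \supset k[X] = A$ and $\mathfrak{p} = (Y)$, or $B = k[X] \supset k = A$ and
$\mathfrak{p} = (X)$.

4-2. Write $\mathfrak{p}B = \prod \mathfrak{P}_i^{e(\mathfrak{P}_i/\mathfrak{p})}$ and $\mathfrak{P}_i C = \prod \mathfrak{Q}_{ij}^{e(\mathfrak{Q}_{ij}/\mathfrak{P}_i)}$. Then

$$\mathfrak{p}C = \prod_{i,j} \mathfrak{Q}_{ij}^{e(\mathfrak{P}_i/\mathfrak{p})\, e(\mathfrak{Q}_{ij}/\mathfrak{P}_i)},$$

and $\mathfrak{Q}_{ij} \ne \mathfrak{Q}_{i'j'}$ unless $(i, j) = (i', j')$. For the second part of the problem, see the start of
Chapter 4 of the notes.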

4-3. The possibilities are determined by $\sum e_i f_i = 3$. Since the discriminant is $-31$, only 31
ramifies, and $X^3 + X + 1 \equiv (X + 28)(X + 17)^2 \bmod 31$. All possibilities except $(p) = \mathfrak{p}^3$
occur.

4-4. Compute the Minkowski bound to find a small set of generators for the class group. In
order to show that two ideals $\mathfrak{a}$ and $\mathfrak{b}$ are equivalent, it is often easiest to verify that
$\mathfrak{a} \cdot \mathfrak{b}^{m-1}$ is principal, where $m$ is the order of $\mathfrak{b}$ in the class group.

4-5. Let $\mathfrak{a}_1, \ldots, \mathfrak{a}_h$ be a set of representatives of the ideal classes. It suffices to find a field $L$
such that each $\mathfrak{a}_i$ becomes principal in $L$. Because the ideal class group is finite, each of the
$\mathfrak{a}_i$ is of finite order, say $\mathfrak{a}_i^{m_i} = (a_i)$, $a_i \in K$. Let $L$ be a finite extension of $K$ such that each
$a_i$ becomes an $m_i$th power in $L$, say $a_i = \alpha_i^{m_i}$, $\alpha_i \in L$. In the group of fractional ideals of
$L$, we have

$$(\mathfrak{a}_i \cdot \mathcal{O}_L)^{m_i} = (a_i) = (\alpha_i^{m_i}) = (\alpha_i)^{m_i}.$$

Since the group of fractional ideals is torsion-free, this equation implies that $\mathfrak{a}_i \cdot \mathcal{O}_L = (\alpha_i)$.
[In fact, every ideal of $K$ becomes principal in the Hilbert class field of $K$ (see 4.9), but this
is very difficult to prove; it is the Principal Ideal Theorem (see CFT).]

4-6. The discriminant of $X^3 - X + 2$ is $(-26)2^2$, and Stickelberger's lemma shows $-26$ is
not a possible discriminant, and so $\mathcal{O}_K = \mathbb{Z}[\alpha]$. To show that the class number is 1, it is only
necessary to show that the ideals dividing (2) are principal.

4-7. To show that $\mathcal{O}_K = \mathbb{Z}[i][\gamma]$, $\gamma = \frac{1 + \sqrt{5}}{2}$, observe that $D(1, \gamma) = 5$, and 5 is not a square
in $\mathbb{Z}[i]$; now apply Lemma 2.23. The prime 2 ramifies in $\mathbb{Q}[i]$, but not in $\mathbb{Q}[\sqrt{5}]$, and so it
ramifies in $K$ with ramification index 2 (this follows from the multiplicativity of the $e$'s).
Similarly, 5 ramifies in $K$ with ramification index 2. Since $\mathrm{disc}(\mathcal{O}_K/\mathbb{Z}[i]) = (5)$, only the
divisors of (5) (in $\mathbb{Z}[i]$) can ramify in $K$, and hence only 2 and 5 can ramify in $K$. The proof
that $\mathbb{Q}[\sqrt{-5}]$ has class number 2 is sketched in (4.6). [Of course, this problem becomes
much easier once one has (6.5).]

5-1. No! Some infinite sets:

$\{m\sqrt{2} - [m\sqrt{2}] \mid m, n \in \mathbb{Z}\}$, $[\ast]$ = integer part;

$\{(\sqrt{2} - 1)^n \mid n \in \mathbb{N}\}$;

$\{\sqrt{n^2 + 1} - n \mid n \in \mathbb{N}\}$;

$\{\alpha \mid \alpha \text{ is the smaller root of } X^2 + mX + 1 = 0,\ m \in \mathbb{Z}\}$

5-2. The period is 10, and the fundamental unit is

$$48842 + 5967\sqrt{67}.$$
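
Both numbers in 5-2 can be recomputed from the continued fraction of $\sqrt{67}$. The following Python sketch uses the standard recurrence for the continued fraction of a quadratic irrational and then walks through the convergents until one has norm 1; the function names are mine.

```python
from math import isqrt

def sqrt_continued_fraction(d):
    """Integer part a0 and one full period of the continued fraction of sqrt(d),
    for d a positive nonsquare integer."""
    a0 = isqrt(d)
    m, q, a, period = 0, 1, a0, []
    while a != 2 * a0:                  # the period ends with the term 2*a0
        m = q * a - m
        q = (d - m * m) // q
        a = (a0 + m) // q
        period.append(a)
    return a0, period

def smallest_pell_solution(d):
    """Smallest (x, y) with y > 0 and x^2 - d*y^2 = 1, found among the convergents."""
    a0, period = sqrt_continued_fraction(d)
    p_prev, p, q_prev, q, i = 1, a0, 0, 1, 0
    while p * p - d * q * q != 1:
        a = period[i % len(period)]
        p_prev, p = p, a * p + p_prev
        q_prev, q = q, a * q + q_prev
        i += 1
    return p, q

a0, period = sqrt_continued_fraction(67)
print(a0, period, len(period))          # 8 [5, 2, 1, 1, 7, 1, 1, 2, 5, 16] 10
print(smallest_pell_solution(67))       # (48842, 5967)
```

Because the period is even, no convergent has norm $-1$, so the smallest solution of $x^2 - 67y^2 = 1$ is the fundamental unit in $\mathbb{Z}[\sqrt{67}]$.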

5-3. No! One way to obtain a counterexample is to note that, if a prime $p$ factors as
$p = \pi_1 \cdot \pi_2$ ($\pi_i$ nonassociate primes) in a quadratic extension of $\mathbb{Q}$, then
$\mathrm{Nm}\,\pi_1 = \pm p = \mathrm{Nm}\,\pi_2$, and so $\pi_1/\pi_2$ has norm $\pm 1$. For example $5 = (2 + i)(2 - i)$ in $\mathbb{Q}[i]$,
and so $(2 + i)/(2 - i)$ has norm 1, but it is not an algebraic integer. Alternatively, note that any
root of an irreducible polynomial $X^n + a_1 X^{n-1} + \cdots + 1$, $a_i \in \mathbb{Q}$, not all $a_i \in \mathbb{Z}$, will
have norm $\pm 1$, but will not be an algebraic integer.

6-1. Let $\alpha$ be a root of $X^3 - 3X + 1$. Then $\mathrm{disc}(\mathbb{Z}[\alpha]/\mathbb{Z}) = 81$. Since its sign is $(-1)^s$,
we must have $s = 0$, $r = 3$ (three real embeddings). From their minimum polynomials,
one sees that $\alpha$ and $\alpha + 2$ are algebraic integers with norms $-1$ and $1$ respectively. From
$(\alpha + 1)^3 = 3\alpha(\alpha + 2)$ we find $(\alpha + 1)^3 = (3)$ in $\mathcal{O}_K$. From the formula $\sum e_i f_i = 3$, we find
that there can be no further factorization, and $e = 3$, $f = 1$. The second equality implies that
$\mathcal{O}_K/(\alpha + 1) = \mathbb{Z}/(3)$, and so $\mathcal{O}_K = \mathbb{Z} + (\alpha + 1)\mathcal{O}_K$. The proof that $\mathcal{O}_K = \mathbb{Z}[\alpha]$ proceeds as
in the proof of 6.2. The Minkowski bound is 2, and $2 \cdot \mathcal{O}_K$ is prime, because $X^3 - 3X + 1$ is
irreducible modulo 2.

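6-2. First solution: Let $\alpha$ be an algebraic integer in $\mathbb{Q}[\zeta + \zeta^{-1}]$. We can write it

$$\alpha = \sum a_i (\zeta + \zeta^{-1})^i, \quad 0 \le i < \varphi(m)/2, \quad a_i \in \mathbb{Q}.$$

Suppose $a_n$ is the last coefficient not in $\mathbb{Z}$. Then $\alpha' = \sum_{i=0}^{n} a_i (\zeta + \zeta^{-1})^i$ is also an algebraic
integer. On expanding this out, and multiplying through by $\zeta^n$, we find that

$$\zeta^n \alpha' = a_n \zeta^{2n} + \text{terms of lower degree in } \zeta, \quad a_n \notin \mathbb{Z}.$$

This contradicts the fact that $\zeta^n \alpha'$ is in $\mathbb{Z}[\zeta]$.

Second solution: Clearly, $\mathcal{O}_{\mathbb{Q}[\zeta + \zeta^{-1}]} = \mathcal{O}_{\mathbb{Q}[\zeta]} \cap \mathbb{Q}[\zeta + \zeta^{-1}]$. It follows that the algebraic
integers in $\mathbb{Q}[\zeta + \zeta^{-1}]$ are those elements that can be expressed $\sum a_i (\zeta^i + \zeta^{-i})$, $a_i \in \mathbb{Z}$.
Now prove inductively that $\zeta^i + \zeta^{-i} \in \mathbb{Z}[\zeta + \zeta^{-1}]$.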

7-2. (a) Easy. (b) Show $s_n = \sum_{i=0}^{n} a_i$ is Cauchy if and only if $a_i \to 0$.

7-3. If $a = 0$, there is a solution, and so we now take $a \ne 0$. To have a solution in $\mathbb{Z}_7$, clearly
it is necessary that $a = 7^{2m+1} \cdot b$, $m \ge 0$, with $b$ an integer that is not divisible by 7 but is a
square modulo 7 (hence $b \equiv 1, 2, 4 \bmod 7$). Newton's lemma shows that this condition is
also sufficient.

For $a \in \mathbb{Q}$, $7X^2 = a$ has a solution in $\mathbb{Q}_7$ if and only if $a = 7^{2m+1} \cdot b$, $m \in \mathbb{Z}$, $b \in \mathbb{Z}$,
$b \equiv 1, 2, 4 \bmod 7$.

7-4. (a) Because the product of two nonsquares in $\mathbb{Z}/(p)$ is a square, at least one of $X^2 - 2$,
$X^2 - 17$, $X^2 - 34$ has a root modulo $p$, and if $p \ne 2, 17$, the root is simple and hence lifts
to a root in $\mathbb{Z}_p$ (by Newton's lemma). The polynomial $X^2 - 2$ has 6 as a simple root modulo
17, and so it has a root in $\mathbb{Z}_{17}$. Let $g(X) = X^2 - 17$ and $a_0 = 1$. Then $|g(a_0)|_2 = 1/16$ and
$|g'(a_0)^2|_2 = 1/4$ and so Newton's lemma (7.32) again shows that it has a root in $\mathbb{Z}_2$.

(b) Apply the method of proof of (7.31) to find

$$\alpha = 1 + 5 \cdot 7 + 7^3 + 2 \cdot 7^4 + 5 \cdot 7^5 + \cdots.$$
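
The 7-adic expansion in (b) can be reproduced by lifting a root one digit at a time, in the spirit of Newton's lemma. The Python sketch below is an illustration with invented names. The statement of the exercise is not reproduced in this section, so the polynomial $5X^3 - 7X^2 + 3X + 6$ used here is an assumption about what the exercise asks; it has the simple root 1 modulo 7, and the digits it produces agree with the expansion above.

```python
def horner(coeffs, x):
    """Evaluate a polynomial given by coefficients from the highest degree down."""
    acc = 0
    for c in coeffs:
        acc = acc * x + c
    return acc

def hensel_digits(coeffs, p, a0, k):
    """Lift a simple root a0 of the polynomial mod p to a root mod p^k.
    Returns the root and its base-p digits, lowest digit first."""
    n = len(coeffs) - 1
    deriv = [c * (n - i) for i, c in enumerate(coeffs[:-1])]
    assert horner(coeffs, a0) % p == 0 and horner(deriv, a0) % p != 0
    inv = pow(horner(deriv, a0), -1, p)      # 1 / f'(a0) mod p, fixed during lifting
    a, pk, digits = a0 % p, p, [a0 % p]
    for _ in range(k - 1):
        # f(a) is divisible by pk; choose t with f(a + t*pk) = 0 mod p*pk
        t = (-(horner(coeffs, a) // pk) * inv) % p
        a += t * pk
        pk *= p
        digits.append(t)
    return a, digits

f = [5, -7, 3, 6]                            # assumed polynomial 5X^3 - 7X^2 + 3X + 6
root, digits = hensel_digits(f, 7, 1, 6)
print(digits)                                # [1, 5, 0, 1, 2, 5]
print(root, horner(f, root) % 7**6)          # 89216 0
```

The digit list reads $1 + 5 \cdot 7 + 0 \cdot 7^2 + 1 \cdot 7^3 + 2 \cdot 7^4 + 5 \cdot 7^5$. Each step corrects only one digit, which is slower than Newton iteration but makes the expansion explicit.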

7-5. If $k$ is a field of characteristic $\ne 2$, a quadratic extension of $k$ is of the form $k[\sqrt{a}]$ for
some $a \in k$, $a \notin k^2$, and two nonsquare elements $a$ and $b$ of $k$ define the same quadratic
extension if and only if they differ by a square (FT 5.28). Thus the quadratic extensions of $k$
are in one-to-one correspondence with the cosets of $k^{\times 2}$ in $k^\times$ other than $k^{\times 2}$ itself.

We have to find a set of representatives for $\mathbb{Q}_2^{\times 2}$ in $\mathbb{Q}_2^\times$. Clearly an element $u \cdot 2^n$ of $\mathbb{Q}_2^\times$,
$u \in \mathbb{Z}_2^\times$, is a square if and only if $n$ is even and $u$ is a square in $\mathbb{Z}_2$, and Newton's lemma
shows that $u$ is a square in $\mathbb{Z}_2$ if (and only if) it is a square in $\mathbb{Z}_2/(8) = \mathbb{Z}/(8)$. The elements
$\pm 1, \pm 5$ form a set of representatives for $(\mathbb{Z}/(8))^\times$, and of these only 1 is a square. Hence
$\{\pm 1, \pm 5, \pm 2, \pm 10\}$ is a set of representatives for $\mathbb{Q}_2^\times/\mathbb{Q}_2^{\times 2}$, and so the distinct quadratic
extensions of $\mathbb{Q}_2$ are the fields $\mathbb{Q}_2[\sqrt{a}]$ for $a = -1, \pm 2, \pm 5, \pm 10$.

There is a description of the structure of $\mathbb{Q}_p^\times$ in Serre, Course..., II.3. Let $U = \mathbb{Z}_p^\times$ and let
$U_i$ be the subgroup $1 + p^i\mathbb{Z}_p$ of $U$; we know from (7.27) that $\mathbb{Q}_p$ contains the group $\mu_{p-1}$
of $(p-1)$st roots of 1, and one shows that

$$\mathbb{Q}_p^\times \approx \mathbb{Z} \times \mu_{p-1} \times U_1, \quad U_1 \approx \mathbb{Z}_p, \quad p \ne 2;$$
$$\mathbb{Q}_2^\times \approx \mathbb{Z} \times U_1, \quad U_1 = \{\pm 1\} \times U_2, \quad U_2 \approx \mathbb{Z}_2.$$

There is a general formula,

$$(K^\times : K^{\times m}) = \frac{m}{\|m\|}(\mu_m : 1)$$

for any finite extension $K$ of $\mathbb{Q}_p$; here $\mu_m$ is the group of $m$th roots of 1 in $K$. See CFT VII.

7-6. If 2 occurs among the $p_i$, number it $p_1$. Then $\alpha_i \notin \mathbb{Q}[\alpha_1, \alpha_2, \ldots, \alpha_{i-1}]$ because $p_i$ does
not ramify in $\mathbb{Q}[\alpha_1, \alpha_2, \ldots, \alpha_{i-1}]$. Therefore the degree is $2^m$ (alternatively, use Kummer
theory). The element $\gamma$ is moved by every element of $\mathrm{Gal}(K/\mathbb{Q})$, and so it generates $K$.
The group $\mathrm{Gal}(K/\mathbb{Q})$ is abelian of exponent 2 (i.e., every element has square 1). The same
is true of the decomposition groups of the primes lying over $p$. Write $K \otimes_{\mathbb{Q}} \mathbb{Q}_p = \prod K_i$,
so that $K_i \approx \mathbb{Q}_p[X]/(f_i(X))$ where $f_i(X)$ is the $i$th irreducible factor of $f(X)$ in $\mathbb{Q}_p[X]$
(cf. 8.2). Kummer theory and the description of $\mathbb{Q}_p^\times$ given above show that $[K_i : \mathbb{Q}_p] \le 4$
if $p \ne 2$ and $[K_i : \mathbb{Q}_2] \le 8$ (because their Galois groups are abelian of exponent 2). This
implies that $f(X)$ factors as stated.

7-7. The degree of $\mathbb{Q}_p[\zeta_n]$, when $p$ does not divide $n$, is $f$, where $f$ is the smallest integer such
that $n \mid p^f - 1$. As $n \to \infty$, $f \to \infty$, and so a finite extension $K$ of $\mathbb{Q}_p$ can contain only
finitely many $\zeta_n$'s. Suppose $\sum \zeta_n p^n$ converges to $\beta \in \mathbb{Q}_p^{\mathrm{al}}$. Then $K = \mathbb{Q}_p[\beta]$ is a finite
extension of $\mathbb{Q}_p$. Let $\alpha_t = \sum_{n=1}^{t} \zeta_n p^n$. Then $\alpha_t$ is further from its conjugates than it is from
$\beta$, and so Krasner's lemma (7.60) implies that $\mathbb{Q}_p[\alpha_t] \subset \mathbb{Q}_p[\beta]$. It follows (by induction)
that $\mathbb{Q}_p[\beta]$ contains all the $\zeta_n$, and this is impossible.

7-8. (a) The polynomial

$$X^3 + X^2 + X + 1$$

has the factor $X + 1$, but

$$X^3 + X^2 + X - 1$$

is irreducible because it is irreducible modulo 5.

(b) Consider

$$f = X^6 + 3 \times 5X^5 + 3 \times 5X^4 + 3 \times 5^4 X^3 + 3 \times 5^4 X^2 + 3 \times 5^9 X + 3 \times 5^9.$$

It is Eisenstein for 3, and hence is irreducible over $\mathbb{Q}$. Its Newton polygon for 5 has slopes
1/2, 3/2, and 5/2, each of length 2. Correspondingly, in $\mathbb{Q}_5[X]$ it is a product of three
polynomials $f = f_1 f_2 f_3$. Each of the $f_i$ is irreducible because the field generated by a root
of it is ramified (because the slope isn't an integer).

8-1. The Newton polygon of $f(X) = X^3 - X^2 - 2X - 8$ has three distinct slopes 1, 2, 3,
and so it splits over $\mathbb{Q}_2$. Now (8.1) shows that $|\cdot|_2$ has three distinct extensions to $K$. Using
that $\sum e_i f_i = 3$, we see that 2 doesn't ramify in $K$, and so 2 does not divide $\mathrm{disc}\ \mathcal{O}_K/\mathbb{Z}$.
On the other hand $2 \mid \mathrm{disc}(f(X))$ because $f(X)$ has multiple roots modulo 2 (according to
PARI, its discriminant is $-2012$).

8-2. Straightforward. 

8-3. (a) In PARI, type polgalois(X^6+2*X^5+3*X^4+4*X^3+5*X^2+6*X+7).

(b) There are the following factorizations:

mod 3, irreducible;
mod 5, (deg 3) × (deg 3);
mod 13, (deg 1) × (deg 5);
mod 19, (deg 1)² × (deg 4);
mod 61, (deg 1)² × (deg 2)²;
mod 79, (deg 2)³.

Thus the Galois group of $f$ has elements of type:

6, 3 + 3, 1 + 5, 1 + 1 + 4, 1 + 1 + 2 + 2, 2 + 2 + 2.

No element of type 2, 3, 3 + 2, or 4 + 2 turns up by factoring modulo any of the first 400
primes (so I'm told). Thus it is the group T14 in the tables in Butler and McKay (see p141
of the notes). It has order 120, and is isomorphic to $\mathrm{PGL}_2(\mathbb{F}_5)$ (group of invertible $2 \times 2$
matrices over $\mathbb{F}_5$ modulo the scalar matrices $aI_2$, $a \in \mathbb{F}_5^\times$).

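8-4. Prime ideals of $k[X]$ and $k[X^{-1}]$ define the same valuation of $k(X)$ if and only if
they generate the same prime ideal of $k[X, X^{-1}]$. Thus there is one valuation $\mathrm{ord}_p$ for each
monic irreducible polynomial $p(X)$ of $k[X]$, and one for the polynomial $X^{-1}$ in $k[X^{-1}]$.
The normalized absolute value corresponding to $p(X)$ is

$$\left\| \frac{g(X)}{h(X)} \right\| = \left(\frac{1}{q^{\deg p}}\right)^{\mathrm{ord}_p g - \mathrm{ord}_p h},$$

where $q = \#k$ and $\mathrm{ord}_p(g)$ is the power of $p(X)$ dividing $g(X)$, and the normalized absolute
value corresponding to $X^{-1}$ is

$$\left\| \frac{g(X)}{h(X)} \right\| = \left(\frac{1}{q}\right)^{\deg h - \deg g}.$$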



Thus the product formula is equivalent to the formula,

$$\sum_{p(X)} \deg p\,(\mathrm{ord}_p g - \mathrm{ord}_p h) = \deg g - \deg h,$$

which is obvious.



Appendix 


Two-hour examination 


Prove (or, at least, explain) your answers. 

1. (a) Is $(1 + i)/\sqrt{2}$ an algebraic integer?

(b) Is $\mathbb{Z}[\sqrt{29}]$ a principal ideal domain?

2. Let $K = \mathbb{Q}[\alpha]$ where $\alpha$ is a root of $X^n - 2$, $n \ge 2$.

(a) Find $[K : \mathbb{Q}]$.

(b) In how many ways can the usual archimedean absolute value on $\mathbb{Q}$ be extended to $K$?

(c) Same question for the 2-adic absolute value.

(d) Find the rank of the group of units in $\mathcal{O}_K$ and the order of its torsion subgroup.

3. Let $\zeta$ be a primitive 8th root of 1. Show that $\mathbb{Q}[\zeta]$ contains exactly 3 subfields of degree 2
over $\mathbb{Q}$, and they are $\mathbb{Q}[\sqrt{-1}]$, $\mathbb{Q}[\sqrt{2}]$, $\mathbb{Q}[\sqrt{-2}]$.

4. Let $\alpha$ and $\pi$ be nonzero elements of the ring of integers $\mathcal{O}_K$ of a number field $K$ with
$\pi$ irreducible (i.e., $\pi = ab \Rightarrow a$ or $b$ a unit). If $\pi \mid \alpha^3$, can you conclude that $\pi \mid \alpha$? What
condition on the class group would allow you to conclude this?

5. Let $K = \mathbb{Q}_3[\zeta]$ where $\zeta$ is a primitive 3rd root of 1. Find the Galois group of $K$ over $\mathbb{Q}_3$
and its ramification groups.

6. Let $K$ be a finite Galois extension of $\mathbb{Q}$ with Galois group $G$. For each prime ideal $\mathfrak{P}$ of
$\mathcal{O}_K$, let $I(\mathfrak{P})$ be the inertia group. Show that the groups $I(\mathfrak{P})$ generate $G$.